Unformatted text preview: CIS 4360 Introduction to Computer Security Home Assignment 8, Fall 2011, with answers Due: Thu 9:30pm, 11/10/2011 This concerns Security models. Some of the questions refer to a Practice Sheet, which is at the end of this assignment. 1. The Biba model attaches labels to objects and subjects. What are these called? Answer: integrity labels. 2. The Clark-Wilson model , in the broadest sense, can also be interpreted as attaching labels to objects and subjects. What are the labels for ( i ) the objects and ( ii ) the subjects. Answer: ( i ) constrained (high), unconstrained (low); ( ii ) certified (TPs), uncertified (others). 3. In the Practice Sheet it is said that there is a critical distinction between the two models. • Which two models? Answer: Biba and Clark-Wilson. • What is the distinction. Answer: In Biba there are no certification rules, while in CW the TPs certify data items. • In Biba there is no procedure for verifying actions....
View Full Document
- Fall '09
- Computer Security, Sidegrade, Clark-Wilson