Q 1. Consider the set of rights {read, write, execute, append, list, modify, own}. a. Using...

Transcribed Image Text:

Q 1. Consider the set of rights {read, write, execute, append, list, modify, own}. a. Using the primitive commands discussed during the online lectures, write a composite command delete_all_rights (p, q, s). This command causes p to delete all rights the subject q has over an object s. b. Modify your command so that the deletion can occur only if p has modify rights over s. c. Modify your command so that the deletion can occur only if p has modify rights over s and q does not have own rights over s. d. Consider a computer system with three users: A, B, and C. A owns the file alicerc, and B and C can read it. C can read and write B's file bobrc, but A can only read it. Only C can read and write her file cyndyrc. Assume that the owner of each of these files can execute it. i. Create the corresponding access control matrix. C gives A permission to read cyndyrc, and A removes B's ability ii. to read alicerc. Show the new access control matrix. [5] Q 2. Given the security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and information categories A, B, and C, specify what type of access (read, write, or both) is allowed by the BLP model in each of the following situations. Assume that discretionary access controls allow anyone access unless otherwise specified. a. Paul, cleared for (TOP SECRET, { A, C }), wants to access a document classified (SECRET, { B, C }). b. Anna, cleared for (CONFIDENTIAL, {C }), wants to access a document classified (CONFIDENTIAL, { B }). c. Jesse, cleared for (SECRET, { C }), wants to access a document classified (CONFIDENTIAL, { C }). d. Sammi, cleared for (TOP SECRET, { A, C }), wants to access a document classified (CONFIDENTIAL,{A }). e. Robin, who has no clearances (and so works at the UNCLASSIFIED level), wants to access a document classified (CONFIDENTIAL, { B }). [5] Q 1. Consider the set of rights {read, write, execute, append, list, modify, own}. a. Using the primitive commands discussed during the online lectures, write a composite command delete_all_rights (p, q, s). This command causes p to delete all rights the subject q has over an object s. b. Modify your command so that the deletion can occur only if p has modify rights over s. c. Modify your command so that the deletion can occur only if p has modify rights over s and q does not have own rights over s. d. Consider a computer system with three users: A, B, and C. A owns the file alicerc, and B and C can read it. C can read and write B's file bobrc, but A can only read it. Only C can read and write her file cyndyrc. Assume that the owner of each of these files can execute it. i. Create the corresponding access control matrix. C gives A permission to read cyndyrc, and A removes B's ability ii. to read alicerc. Show the new access control matrix. [5] Q 2. Given the security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and information categories A, B, and C, specify what type of access (read, write, or both) is allowed by the BLP model in each of the following situations. Assume that discretionary access controls allow anyone access unless otherwise specified. a. Paul, cleared for (TOP SECRET, { A, C }), wants to access a document classified (SECRET, { B, C }). b. Anna, cleared for (CONFIDENTIAL, {C }), wants to access a document classified (CONFIDENTIAL, { B }). c. Jesse, cleared for (SECRET, { C }), wants to access a document classified (CONFIDENTIAL, { C }). d. Sammi, cleared for (TOP SECRET, { A, C }), wants to access a document classified (CONFIDENTIAL,{A }). e. Robin, who has no clearances (and so works at the UNCLASSIFIED level), wants to access a document classified (CONFIDENTIAL, { B }). [5]

Answer rating: 100% (QA)

Q1 a Using the syntax in Section 23 write a command deleteallrights p q s This command causes p to d... View the full answer