IS2510/TEL2810 Introduction to Security
Homework 2
Total Points: 100
Due Date: Oct 14, 2011

1. [20 Points] The proof of Theorem 3–1 states the following: Suppose two subjects s1 and s2 are created and the rights in A[s1, o1] and A[s2, o2] are tested. The same test for A[s1, o1] and A[s1, o2] = A[s1, o2] A[s2, o2] will produce the same result. Justify this statement. Would it be true if one could test for the absence of rights as well as for the presence of rights?

2. [15 + 15 + 10 = 40 Points]

(a) Reconstruct the following graph using the graph reconstruction technique used in the proof of Theorem 3-11. Show transformed graphs for each of the three steps and label edges appropriately.

(b) Consider the graph below, which is a modified version of the graph of Figure 3-4 in the book (Brown one). For each graph, compute the following:
   1. Access set
   2. Delete set
   3. Conspiracy graph
   4. Conspirators set
   5. Witness to the theft of right r by x and a1. If the stealing is not possible, give reasons.

[Figure: graph with vertices V1 to V6 and edges labeled α1 to α10]

[Figure: graph with vertices x, a1, a2, a3, b, c, d, e, z and edge labels r, g, t]

(c) Prove or disprove: The claim of Lemma 3–1 (related to the Take-Grant model) holds when x is an object.

3. [20 Points] Consider a Turing Machine with the following specification:
   1. Set of states: {k0, k1, k2, k3}
   2. Tape symbols: {A, B, C}
   3. Final (or halting) state is k3
   4. Transition functions:
      δ(k0, A) = (k1, B, R)
      δ(k1, A) = (k2, B, R)
      δ(k1, B) = (k1, A, R)
      δ(k2, C) = (k3, A, L)
      δ(k3, B) = (k1, A, L)

Assume your TM's initial configuration is as shown below.
   1. Show the mapping of the elements of this TM to a protection system.
   2. Show all possible transitions, indicating each new TM configuration reached (i.e., state, head position and the symbols in each cell) and its corresponding protection state (the entries in the Access Control Matrix).

4. [20 Points]

(a) Given the security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and the categories A, B, and C, specify what type of access (read, write, both, or neither) is allowed in each of the following situations. Assume that discretionary access controls allow anyone access unless otherwise specified.
   a. Paul, cleared for (TOP SECRET, { A, C }), wants to access a document classified (SECRET, { B, C }).
   b. Anna, cleared for (CONFIDENTIAL, { C }), wants to access a document classified (CONFIDENTIAL, { B }).
   c. Jesse, cleared for (SECRET, { C }), wants to access a document classified (CONFIDENTIAL, { C }).

(b) In the DG/UX system, why is the virus prevention region below the user region and the administrative region above the user region? Explain clearly.

(c) Suppose a system implementing Biba's model used the same labels for integrity levels and categories as for security levels and categories. Under what conditions could one subject read an object? Write to an