DOC PREVIEW
Pitt IS 2150 - HOMEWORK

This preview shows page 1 out of 3 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 3 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 3 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

IS2510/TEL2810 Introduction to Security Homework 2 Total Points: 100 Due Date: Oct 14, 2011 1. [20 Points] The proof of Theorem 3–1 states the following: Suppose two subjects s1 and s2 are created and the rights in A[s1, o1] and A[s2, o2] are tested. The same test for A[s1, o1] and A[s1, o2] = A[s1, o2] ׫ A[s2, o2] will produce the same result. Justify this statement. Would it be true if one could test for the absence of rights as well as for the presence of rights? 2. [15 + 15 + 10 = 40 Points] (a) Reconstruct the following graph using the graph reconstruction technique used in the proof of theorem 3-11. Show transformed graphs for each of the three steps and label edges appropriately. (b) Consider the graph below which is a modified version of the graph of Figure 3-4 in the book (Brown one). For each graph, compute the following 1. Access set, 2. Delete set, 3. Conspiracy graph, 4. Conspirators set and 5. Witness to the theft of right r by x and a1. If the stealing is not possible, give reasons. α1α2α3α4α5α6α7α9 V1 V2V4V3V5α8V6 α10(c) Prove or disprove: The claim of Lemma 3–1 (related to the Take Grant model) holds when x is an object. 3. [20 Points] Consider a Turing Machine with the following specification 1. Set of states: {k0, k1, k2, k3} 2. Tape symbols: {A, B, C} 3. Final (or halting) state is k3 4. Transition Functions: δ( k0, A) = (k1, B, R); δ( k1, A)= (k2, B, R); δ( k1, B) = (k1, A, R) δ( k2, C)= (k3, A, L); δ( k3, B) = (k1, A, L); Assume your TM’s initial configuration is as shown below. 1. Show the mapping of the elements of this TM to a protection system. 2. Show all possible transitions, indicating each new TM configuration reached (i.e., state, head position and the symbols in each cell) and its corresponding protection state (the entries in the Access Control Matrix). 4. [20 Points] (a) Given the security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and the categories A, B, and C, specify what type of access (read, write, both, or neither) is allowed in each of the following situations. Assume that discretionary access controls allow anyone access unless otherwise specified. x a1a2a3bc d ezrgt gggt ta. Paul, cleared for (TOP SECRET, { A, C }), wants to access a document classified (SECRET, { B, C }). b. Anna, cleared for (CONFIDENTIAL, { C }), wants to access a document classified (CONFIDENTIAL, { B }). c. Jesse, cleared for (SECRET, { C }), wants to access a document classified (CONFIDENTIAL, { C }). (b) In the DG/UX system, why is the virus prevention region below the user region and the administrative region above the user region? Explain clearly? (c) Suppose a system implementing Biba's model used the same labels for integrity levels and categories as for security levels and categories. Under what conditions could one subject read an object? Write to an


View Full Document

Pitt IS 2150 - HOMEWORK

Documents in this Course
QUIZ

QUIZ

8 pages

Assurance

Assurance

40 pages

Load more
Download HOMEWORK
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view HOMEWORK and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view HOMEWORK 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?