Due Date: Monday, December 6, 1999 at 11:59PM
- (25 points) Chapter 7, exercise 2
- (10 points) Chapter 7, supplementary exercise 2
- (15 points) The relations certified (see ER1) and allowed (see ER2)
can be collapsed into a single relation. Why doesn't the Clark-Wilson
Model do this?
- (25 points) Consider the following
protection mechanism. Each object and each process is assigned a number.
A process can only access an object if the object has a higher number
than the process. Which of the mechanisms discussed in class (ACL,
capabilities, lock-and-key, the MULTICS ring protection scheme) does
this most closely resemble, and why? In what essential way does it
differ from the scheme discussed in class?
- (25 points) Assume the Clark-Wilson model is
implemented on a computer system. Could a computer virus that scrambled
constrained data items be introduced into the system? Why or why not?
Specifically, if not, identify the precise control that would prevent it
from being intorduced, and say why it would prevent the virus from being
introduced; if yes, identify the specific control or controls that allow
it to be introduced and say why they fail to keep it out.
- (10 points) Chapter 7, exercise 4
- (5 points) Chapter 7, supplementary exercise 1
Send email to
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 12/3/99