Due: June 6, 2013 at 11:55pm (No late homework accepted!)
- (30 points) A system allows the user to choose a password with a length of 1 to 8 characters, inclusive. Assume that 10,000,000 passwords can be tested per second. The sytem administrators want to expire passwords once they have a probability of 0.10 of having been guessed. Determine the expected time to meet this probability under each of the following conditions.
(text, exercise 12.8, modified)
- Password characters may be any ASCII characters from 1 to 127, inclusive.
- Password characters may be any alphanumeric characters (“A” through “Z”, “a” through “z”, and “0” through “9”).
- Password characters must be digits.
- (12 points) ACL entries use “owners” (users) rather than individual processes. Why?
(text, exercise 15.1, modified)
- (28 points) Consider Multics procedures p and q. Procedure p is executing and needs to invoke procedure q. Procedure q’s access bracket is (5, 6) and its call bracket is (6, 9). Assume that q’s access control list gives p full (read, write, append, and execute) rights to q. In which ring(s) must p execute for the following to happen?
(text, exercise 15.8)
- p can invoke q, but a ring-crossing fault occurs.
- p can invoke q provided that a valid gate is used as an entry point.
- p cannot invoke q?
- p can invoke q without any ring-crossing fault occurring, but not necessarily through a valid gate.
- (30 points) Consider how a system with capabilities as its access control mechanism could deal with Trojan horses.
(text, exercise 22.2)
- In general, do capabilities offer more or less protection against Trojan horses than do access control lists? Justify your answer in light of the theoretical equivalence of ACLs and C-Lists.
- Consider now the inheritance properties of new processes. If the creator controls which capabilities the created process is given initially, how could the creator limit the damage that a Trojan horse could do?
- Can capabilities protect against all Trojan horses? Either show that they can, or describe a Trojan horse process that C-Lists cannot protect against.
- (20 points) Discuss controls that wpuld prevent Dennis Ritchie’s bacterium (see Section 22.5.1) from absorbing all system resources and causing a system crash.
(text, exercise 22.7).