Homework #5

Due: March 19, 2012 Points: 100


  1. (30 points) Why can we omit the requirement lub(i, b[i]) ≤ a[i] from the requirements for secure information flow in the example for iterative statements (see Section (text, problem 16.5)
  2. (30 points) In the flow certification requirements for the goto statement in Section, the set of blocks along an execution path from bi to IFD(bi) excludes these endpoints. Why are they excluded? (text, problem 14.3)
  3. (25 points) In the Janus system, when the framework disallows a system call, the error code EINTR (interrupted system call) is returned.
    1. When some programs have read or write system calls terminated with this error, they retry the calls. What problems might this create?
    2. Why did the developers of Janus not devise a new error code (say, EJAN) to indicate an unauthorized system call?
    (text, problem 17.5)

Extra Credit

  1. (20 points) Section derives a formula for I(A;X). Prove that this formula is a maximum with respect to p when p = M/(Mm+1), with M and m as defined in that section (text, problem 17.8)

A PDF version is available here.
UC Davis sigil
ECS 235B, Foundations of Computer and Information Security
Winter Quarter 2012