Homework #3

Due: May 10, 2013
Points: 100


  1. (25 points) Prove Theorem 6–1 for the strict integrity policy of Biba’s model.
    (text, problem 6.1)

  2. (15 points) In the Clark-Wilson model, must the TPs be executed serially, or can they be executed in parallel? If the former, why; if the latter, what constraints (if any) must be placed on their execution.
    (text, problem 6.8)

  3. (25 points) Show that the Clinical Information System Security model’s principles implement the Clark-Wilson enforcement and certification rules.
    (text, problem 7.3, modified)

  4. (35 points) Suppose the composite machine catdog (see Section 8.4.1) emits the same value from the left and the right. Show that it has received an even number of inputs from the left.
    (text, problem 8.7, modified).

Extra Credit

  1. (10 points) Why must sanitized objects be in a single company dataset in their own conflict of interest class, and not in the company dataset corresponding to the institution producing the sanitized object?

You can also obtain a PDF version of this. Version of April 29, 2013 at 10:46AM