Due: May 10, 2013
- (25 points) Prove Theorem 6–1 for the strict integrity policy of Biba’s model.
(text, problem 6.1)
- (15 points) In the Clark-Wilson model, must the TPs be executed serially, or can they be executed in parallel? If the former, why; if the latter, what constraints (if any) must be placed on their execution.
(text, problem 6.8)
- (25 points) Show that the Clinical Information System Security model’s principles implement the Clark-Wilson enforcement and certification rules.
(text, problem 7.3, modified)
- (35 points) Suppose the composite machine catdog (see Section 8.4.1) emits the same value from the left and the right. Show that it has received an even number of inputs from the left.
(text, problem 8.7, modified).
- (10 points) Why must sanitized objects be in a single company dataset in their own conflict of interest class, and not in the company dataset corresponding to the institution producing the sanitized object?