Homework #2

Due: February 11, 2014
Points: 100

Questions

1. (25 points) Consider the construction in Section 3.5.2 that shows how to simulate three-parent joint creation using two-parent joint creation (this is on pp. 80–83 of the text). In the original paper, cr_C(s, c) = c/R₃ (that is, the t right was omitted) and link₂(S, A₃) = A₃/t ∈ dom(S) (the second part was omitted). Why won’t this work? (text, problem 3.9, modified)

2. (25 points) Prove Theorem 4-1. Show all elements of your proof. (text, problem 4.10)

3. (25 points) Given the security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and the categories A, B, and C, specify what type of access (read, write, or both) is allowed in each of the following situations. Assume that discretionary access controls allow anyone access unless otherwise specified.
   1. Paul, cleared for (TOP SECRET, {A, C}), wants to access a document classified (SECRET, {B, C}).
   2. Anna, cleared for (CONFIDENTIAL, {C}), wants to access a document classified (CONFIDENTIAL, {B}).
   3. Jesse, cleared for (SECRET, {C}), wants to access a document classified (CONFIDENTIAL, {C}).
   4. Sammi, cleared for (TOP SECRET, {A, C}), wants to access a document classified (CONFIDENTIAL, {A}).
   5. Robin, who has no clearances (and so works at the UNCLASSIFIED level), wants to access a document classified (CONFIDENTIAL, {B}).

4. (25 points) Prove that the two properties of the hierarchy function (see Section 5.2.3) allow only trees and single nodes as organizations of objects. (text, problem 5.6)

Extra Credit

1. (20 points) Consider Theorem 5.6. Would the theorem hold if the requirement that z₀ be a secure state were eliminated? Justify your answer.