Homework 2

Due: February 8, 2019
Points: 100


Questions

  1. (20 points) Given the security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and the categories A, B, and C, specify what type of access (read, write, both, or neither) is allowed in each of the following situations. Assume that discretionary access controls allow anyone access unless otherwise specified.
    1. Paul, cleared for (TOP SECRET, {A, C}), wants to access a document classified (SECRET, {B, C}).
    2. Anna, cleared for (CONFIDENTIAL, {C}), wants to access a document classified (CONFIDENTIAL, {B}).
    3. Jesse, cleared for (SECRET, {C}), wants to access a document classified (CONFIDENTIAL, {C}).
    4. Sammi, cleared for (TOP SECRET, {A, C}), wants to access a document classified (CONFIDENTIAL, {A}).
    5. Robin, who has no clearances (and so works at the UNCLASSIFIED level), wants to access a document classified (CONFIDENTIAL, {B}).
  2. (10 points) What does Trusted Solaris placing system executables at ADMIN_LOW prevent? Why is this important?
  3. (30 points) Prove Theorem 5.5.
  4. (20 points) Definition 19–2 defines assurance in terms of “confidence.” A vendor advertises that its system was connected to the Internet for three months, and no one was able to break into it. It claims that this means that the system cannot be broken into from any network.
    1. Do you share the vendor’s confidence? Why or why not?
    2. If a commercial evaluation service had monitored the testing of this system and confirmed that, despite numerous attempts, no attacker had succeeded in breaking into it, would your confidence in the vendor’s claim be increased, decreased, or left unchanged? Justify your answer.
  5. (20 points) In the Clark-Wilson model, must the TPs be executed serially, or can they be executed in parallel? If the former, why? If the latter, what constraints must be placed on their execution?

UC Davis seal
Matt Bishop
Office: 2209 Watershed Science
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
You can also obtain a PDF version of this.
Version of January 28, 2019 at 10:58PM