Homework #1

Due: January 19, 2022
Points: 100

Questions

1. (16 points) Consider the following change in the rules associated with each (object, verb) pair in Miller and Baldwin’s model (see Section 2.2.1):

   name	rules
   recipes	write: ‘creative’ in subject.group and ‘chef’ in subject.role
   overpass	write: ‘artist’ in subject.role and ‘creative’ in subject.group
   .shellrct	write: ‘hack’ in subject.group and (time.hour < 4 or time.hour > 20) and time.hour > 0
   oven.dev	temp_ctl: ‘kitchen’ in subject.program and ‘chef’ in subject.role

   How does this change the access control matrices shown at the end of that section?

2. (24 points) Consider the set of rights { r, w, n }.
   1. Using the syntax in Section 2.3, write a command delete_all_rights(p, q, o). This command causes p to delete all rights the subject q has over an object o.
   2. Modify your command so that the deletion can occur only if p has w rights over o.
   3. Modify your command so that the deletion can occur only if p has r rights over o and q does not have n rights over o.

3. (30 points) Theorem 3.1, used in the proof of Theorem 3.1, states: “Suppose two subjects s₁ and s₂ are created and the rights in A[s₁, o₁] and A[s₂, o₂] are tested. The same test for A[s₁, o₁] and A[s₁, o₂] = A[s₁, o₂] ∪ A[s₂, o₂] will produce the same result.” Justify this statement. Would it be true if one could test for the absence of rights as well as for the presence of rights?

4. (20 points) Prove or disprove: The claim of Lemma 3.1 holds when x is an object.

5. (10 points) In the SPM model, acyclic creates impose constraints on the types of created subjects but not on the types of created objects. Why not?

Matt Bishop Office: 2209 Watershed Sciences Phone: +1 (530) 752-8060 Email: mabishop@ucdavis.edu

ECS 235A, Computer and Information Security Version of January 2, 2022 at 11:25PM

You can also obtain a PDF version of this.