Homework 2
Due Date: April 19, 2001
Points: 100
1. (20 points; text, exercise 1.3) The aphorism "security through obscurity" says that hiding information provides
some level of security. Please give an example of a situation in which hiding information does not add apprecia-
bly to the security of a system. Give an example when it does.
2. (20 points; text, exercise 2.5) Let c be a copy flag and let a computer system have the set of rights { r, w, x, a, l, m,
o }.
a. Using the syntax in class (and in section 2.3 of the text), write a command copy_all_rights(p, q, s) that cop-
ies all rights that p has over s to q.
b. Modify your command so only those rights with an associated copy flag are copied. The new copy should
not have the copy flag.
3. (40 points; text, exercise 3.1) Prove or give a counterexample:
The predicate canshare(a, x, y, G0) is true if and only if there is an edge from x to y in G0 labelled a, or if the
following hold simultaneously:
a. there is a vertex with an s-to-y edge labelled a;
b. there is a subject vertex x´ such that x´ = x or x´ initially spans to x;
c. there is a subject vertex s´ such that s´ = s or s´ terminally spans to s; and
d. there is a sequence of subjects x´ = x1, -, xn = s´ with xi and xi+1 (1 i < n) being connected by an edge
labelled t, an edge labelled g, or a bridge.
4. (20 points; text, exercise 4.5) Classify each of the following as examples of mandatory, discretionary, or origina-
tor controlled policies, or a combination. Please justify your answers.
a. The file access control mechanisms of the UNIX operating system.
b. A system in which no memorandum can be distributed without the author's consent.
c. A facility in which only generals can enter a particular room.
d. A university's registrar office, in which faculty can see grades of a particular student provided that student
has given written permission.