Homework 3 Due Date: May 3, 2001 Points: 100 1. (20 points; text, exercise 5.2) Given the security levels TOPSECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and the categories A, B, and C, say what type of access (read, write, or both) is allowed in the following situations. Assume discretionary access controls allow anyone access unless otherwise specified. a. Paul, cleared for (TOPSECRET, { A, C }), wants to access a document classified (SECRET, { B, C }). b. Anna, cleared for (CONFIDENTIAL, { C }), wants to access a document classified (CONFIDENTIAL, { B }). c. Jesse, cleared for (SECRET, { C }), wants to access a document classified (CONFIDENTIAL, { C }). d. Sammi, cleared for (TOPSECRET, { A, C }), wants to access a document classified (CONFIDENTIAL, { A }). e. Robin, who has no clearances (and so works at the UNCLASSIFIED level), wants to access a document classified (CONFIDENTIAL, { B }). 2. (20 points; text, exercise 6.5) Explain why the system controllers in Lipner's model need clearances of (SL, { D, PC, PD, SD, T }). 3. (20 points; text, exercise 7.4) Consider using mandatory access controls and compartments to implement an ORCON control. Assume there are k different organizations. Organization i will produce n(i,j) documents to be shared with organization j. a. How many compartments are needed to allow any organization to share a document with any other organiza- tion? b. Now assume that organization i will need to share nm(i, i1, ?, im) documents with organizations i1, ?, im. How many compartments will be needed? 4. (20 points; text, exercise 9.11) Please prove the following: a. If p is a prime, f(p) = p-1. b. If p and q are both prime, f(pq) = (p-1)(q-1). 5. (20 points; text, exercise 11.6) Needham and Schroeder suggest the following variant of their protocol: a. Alice ? Bob : Alice b. Bob ? Alice : { Alice, rand3 } kBob c. Alice ? Cathy : { Alice, Bob, rand1, { Alice, rand3 } kBob } d. Cathy ? Alice : { Alice, Bob, rand1, ksession, {Alice, rand3, ksession} kBob } kAlice e. Alice ? Bob : { Alice, rand3, ksession } kBob f. Bob ? Alice : { rand2 } ksession g. Alice ? Bob : { rand2-1 }ksession Show that this protocol solves the problem of replay due to stolen session keys.