Homework 2

Due Date: April 19, 2001
Points: 100

  1. (20 points; text, exercise 1.3) The aphorism "security through obscurity" says that hiding information provides some level of security. Please give an example of a situation in which hiding information does not add appreciably to the security of a system. Give an example when it does.
  2. (20 points; text, exercise 2.5) Let c be a copy flag and let a computer system have the set of rights { r, w, x, a, l, m, o }.
    1. Using the syntax in class (and in section 2.3 of the text), write a command copy_all_rights(p, q, s) that copies all rights that p has over s to q.
    2. Modify your command so only those rights with an associated copy flag are copied. The new copy should not have the copy flag.
  3. (40 points; text, exercise 3.1) Prove or give a counterexample:
    The predicate can*share(a, x, y, G0) is true if and only if there is an edge from x to y in G0 labelled a, or if the following hold simultaneously:
    1. there is a vertex s in G0 with an s-to-y edge labelled a;
    2. there is a subject vertex x' such that x' = x or x' initially spans to x;
    3. there is a subject vertex s' such that s' = s or s' terminally spans to s; and
    4. there is a sequence of subjects x' = x1, ..., xn = s' with xi and xi+1 (1 <= i < n) being connected by an edge labelled t, an edge labelled g, or a bridge.
  4. (20 points; text, exercise 4.5) Classify each of the following as examples of mandatory, discretionary, or originator controlled policies, or a combination. Please justify your answers.
    1. The file access control mechanisms of the UNIX operating system.
    2. A system in which no memorandum can be distributed without the author's consent.
    3. A facility in which only generals can enter a particular room.
    4. A university's registrar office, in which faculty can see grades of a particular student provided that student has given written permission.

Matt Bishop
Office: 3059 Engineering Unit II Phone: +1 (530) 752-8060
Fax: +1 (530) 752-4767
Email: bishop@cs.ucdavis.edu
Copyright Matt Bishop, 2001. All federal and state copyrights reserved for all original material presented in this course through any medium, including lecture or print.