Due Date: June 6, 2001
- (30 points; text, exercise 18.7) Please discuss controls that
would prevent Dennis Ritchie's bacterium (see section 18.5.1) from
absorbing all system resources and causing a system crash.
- (40 points; text, exercise 18.12) Assume the Clark-Wilson
model is implemented on a computer system. Could a computer virus that
scrambled constrained data items be introduced into the system? Why or
why not? Specifically, if not, identify the precise control that would
prevent it from being intorduced, and say why it would prevent the virus
from being introduced; if yes, identify the specific control or controls
that allow it to be introduced and say why they fail to keep it out.
- (30 points; text, exercise 19.6) An attacker breaks into a
web server using a Windows 2000 based system. He concludes that, because
of the ease with which he broke in, that Windows 2000 is an operating
system with very poor security features. Based only on the results of
the attack, is his conclusion reasonable? Why or why not?
Office: 3059 Engineering Unit II
Phone: +1 (530) 752-8060
Fax: +1 (530) 752-4767
Copyright Matt Bishop, 2001.
All federal and state copyrights reserved for all original material
presented in this course through any medium, including lecture or print.