Homework 4

Due: November 25, 2024
Points: 100

1. (24 points) Consider the statement

   
   if (x = 1) and (y = 1) then z := 1 
   

   where x and y can each be 0 or 1, with both equally likely and z is initially 0. Compute the conditional entropies H(x | z′) and H(y | z′), where z′ is the value of z after the statement is executed.

2. (26 points) Extend the semantics of the information flow security mechanism in Section 17.3.1 to include structures (sometimes called “records”).

3. (20 points) Assume that the Clark-Wilson model is implemented on a computer system. Could a computer virus that scrambled constrained data items be introduced into the system? Why or why not? Specifically, if not, identify the precise control that would prevent the virus from being introduced, and explain why it would prevent the virus from being introduced; if yes, identify the specific control or controls that would allow the virus to be introduced and explain why they fail to keep it out.

4. (30 points) Consider how a system with capabilities as its access control mechanism could deal with Trojan horses.
   1. In general, do capabilities offer more or less protection against Trojan horses than do access control lists? Justify your answer in light of the theoretical equivalence of ACLs and C-Lists.
   2. Consider now the inheritance properties of new processes. If the creator controls which capabilities the created process is given initially, how could the creator limit the damage that a Trojan horse could do?
   3. Can capabilities protect against all Trojan horses? Either show that they can or describe a Trojan horse process that C-Lists cannot protect against.

Matt Bishop Office: 2209 Watershed Sciences Phone: +1 (530) 752-8060 Email: mabishop@ucdavis.edu

ECS 235A, Computer and Information Security Version of November 14, 2024 at 3:28PM

You can also obtain a PDF version of this.