Changes for Revision 2:
  • Added some details about what the output for the program in question 8 needs to contain.
Changes for Revision 1:
  • Eliminated the superfluous “10 minutes” after question 3; and
  • Clarified that question 9 refers to the Bell-LaPadula Model.

Homework 1 Revision 2

Due: October 8, 2025
Points: 100


Short Answer

Answer these questions in one or two sentences.

  1. (5 points) What does the UC Davis Code of Academic Conduct say about using artificial intelligence in your work?

  2. (5 points) Is extra credit added to homework scores?

  3. (5 points) Why will we not accept “.doc” or “.docx” files generated by Microsoft Office, OpenOffice, or other such programs?

  4. (5 points) How long must each required video for your project be when you turn in the question, the progress report, and the completed report?

Longer Answer

You can use more than 1 or 2 sentences to answer these. Remember to write clearly (if you need help, go to the Writing Center on campus) and justify your answers!

  5. (10 points) Explain the difference between data integrity and origin integrity. Into which category does disinformation fall?

  6. (15 points) Peter Denning formulated the principle of attenuation of privilege as “a procedure cannot access an object passed as a parameter in ways that the caller cannot.”[1] Contrast this formulation to that of the principle of attenuation of privilege in Section 2.4.3, which states “a subject may not increase its rights, nor grant rights it does not possess to another subject”. In particular, which is the “subject” and which is the “[an]other subject” in Denning’s formulation?

  7. (10 points) Someone asks, “Since the Harrison-Ruzzo-Ullman result says that the security question is undecidable, why do we waste our time trying to figure out how secure the UNIX operating system is?” Please give an answer justifying the analysis of the security of the UNIX system (or any system, for that matter) in light of the HRU result.

  8. (25 points) Write a program, or set of programs, to demonstrate that the CSIF Linux systems do not honor the Principle of Complete Mediation. Explain how the results of your program demonstrate this. Turn in your program(s), fully commented and documented, the output, and a Makefile, in a tar(1) file (a “tarball”). You must use one of the programming languages available there. If compilation is necessary, we must be able to compile your program(s) by entering the command make. Whether your program is compiled or interpreted, we must be able to execute it by typing make run.

    Your output needs to show whether the action works before the permission change and whether the same action works after the permission change. For example, if complete mediation is enforced and you are testing it using write permission, your output might look like this:

    
    Opened file testfile for writing...
    First write successful ...
    Turned off write permission on testfile; permission code 400 ...
    Second write failed ...
    This system honors the Principle of Complete Mediation
    
    It shows that the file was successfully opened for writing and that the first write worked. It then verifies that write permission is turned off (the “400” means the owner can only read the file) and shows that the following attempt to write failed.

  9. (20 points) In the Bell-LaPadula Model, given the security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and the categories A, B, and C, specify what type of access (read, write, both, or neither) is allowed in each of the following situations. Assume that discretionary access controls allow anyone access unless otherwise specified.
    1. Paul, cleared for (TOP SECRET, {A, C}), wants to access a document classified (SECRET, {C}).
    2. Anna, cleared for (CONFIDENTIAL, {C}), wants to access a document classified (CONFIDENTIAL, {B}).
    3. Jesse, cleared for (CONFIDENTIAL, {C}), wants to access a document classified (SECRET, {C}).
    4. Sammi, cleared for (SECRET, {A}), wants to access a document classified (SECRET, {A}).
    5. Robin, who has no clearances (and so works at the UNCLASSIFIED level), wants to access a document classified (CONFIDENTIAL, {B}).

Footnote

  1. P. Denning, “Fault Tolerant Operating Systems,” ACM Computing Surveys 8(4) pp. 359–389 (Dec 1976). DOI: 10.1145/356678.356680.

Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 36A, Programming and Problem Solving
Version of September 15, 2025 at 12:27PM
