(25 points) Prove or disprove: Theorem 6--1 holds for Biba's ring policy
(described in Section 6.2.2).
(20 points) In the Clark-Wilson model, must the TPs be
executed serially, or can they be executed in parallel? If the
former, why; if the latter, what constraints must be placed on
their execution? (text, §6.8, exercise 9)
(25 points) Devise an algorithm that generates an access
control matrix A for any given history matrix H of
the Chinese Wall model. (text, §7.8, exercise 1)
(30 points) Consider the systems Louie and Dewey in Section 8.2.4.
Suppose the sends and receives for the buffers are
non-blocking. Is the composition of Hughie, Dewey, and
Louie still noninterference-secure? Justify your answer.
Suppose all buffers are unbounded. Is the composition
of Hughie, Dewey, and Louie still
noninterference-secure? Justify your answer.
Extra Credit
(15 points) A physician who is addicted to a pain-killing medicine can prescribe the medication for herself. Please show how RBAC in general, and Definition 7–12 specifically, can be used to govern the dispensing of prescription drugs to prevent a physician from prescribing medicine for herself. (text, §7.8, problem 7.7)
(text, §4.11, exercise 9)
