(30 points) Why can we omit the requirement lub(i, b[i]) ≤ a[i] from the requirements for secure information flow in the example for iterative statements (see Section 16.3.2.4)? (text, problem 16.5)
(30 points) In the flow certification requirements for the goto statement in Section 16.3.2.5, the set of blocks along an execution path from bi to IFD(bi) excludes these endpoints. Why are they excluded? (text, problem 14.3)
(25 points) In the Janus system, when the framework disallows a system call, the error code EINTR (interrupted system call) is returned.
When some programs have read or write system calls terminated with this error, they retry the calls. What problems might this create?
Why did the developers of Janus not devise a new error code (say, EJAN) to indicate an unauthorized system call?
(text, problem 17.5)
Extra Credit
(20 points) Section 17.3.2.3 derives a formula for I(A;X). Prove that this formula is a maximum with respect to p when p = M/(Mm+1), with M and m as defined in that section (text, problem 17.8)
