Revision 1, May 6, 2025: In problem 3, the section for catdog should be 9.4.1.
Due: May 14, 2025 Points: 100
Questions
1. (36 points) Show that the Clinical Information System Security model’s principles implement the Clark-Wilson enforcement and certification rules.
2. (20 points) Consider countermeasures for the SYN flood attack that are present on intermediate systems and are designed to allow only legitimate handshakes to reach the destination system. Is the focus of this type of countermeasure the waiting time policy, the user agreements, or both? Why?
3. (30 points) Suppose the composite machine catdog (see Section 9.4.1) emits the same value from the left and the right. Show that it has received an even number of inputs from the left.
4. (14 points) A physician who is addicted to a pain-killing medicine can prescribe the medication for herself. Please show how RBAC in general, and the RBAC formula for separation of duty specifically, can be used to govern the dispensing of prescription drugs to prevent a physician from prescribing medicine for herself.