(25 points) The system plugh has users Skyler, Matt, and David. Skyler cannot access David’s files, and neither Skyler nor David can access Matt’s files. The system xyzzy has users Holly, Sage, and Heidi. Sage cannot access either Holly’s or Heidi’s files. The composition policy says that Matt and Holly can access one another’s files, and Skyler can access Sage’s files. Apply the Principle of Autonomy first, and then the Principle of Security, to determine who can read whose files in the composition of xyzzy and plugh.
(25 points) Modify the two-bit system in the first example in Section 9.3 as follows. Whenever a HIGH operation is performed, the HIGH state bit is output. Whenever a LOW operation is performed, the LOW state bit is output. The initial state is not output (in contrast to the example). Is this version of the two-bit system noninterference secure with respect to Lucy? Why or why not?
(20 points) Consider the rule of transitive confinement. Suppose a process needs to execute a subprocess in such a way that the child can access exactly two files, one only for reading and one only for writing.
Could capabilities be used to implement this? If so, how? If not, why not?
Could access control lists be used to implement this? If so, how? If not, why not?
(30 points) Section 18.3.2.3 derives a formula for I(A; X). Prove that this formula is a maximum with respect to p when p = (M(1/m))/(1+mM(1/m)) (this is different from what is in the text).