Assignment 1: Access Control Matrix

Assigned: 27 August, due 3 September beginning of class.

Part -I
1. We are exploring the possibility of an on-line final exam for CS526.  Please describe some of the security issues that this raises.  Your task is not to come up with a security design for such an exam, but to enumerate issues that would need to be explored in order to come up with the requirements and design.  Think in terms of the terminology and concepts we introduced in the first two lectures.

Your writeup should be approximately one page typeset. Not more than one page.

Part - II
Consider the following access control system for questions 2 and 3.

Subject = {KP, UP1, UP2}
Objects = {file1}
rights = {own, create, delete, read, update, execute}

Instantiation of rights: Adding a given right more than once for a given (subject, object) pair is idempotent.
A process (subject) can create an object if and only if there is a "create" right in a[process, process].

The initial ACM (access control matrix) A is:


file1 KP
(Kernel Process)
UP1
(User Process 1)
UP2
(User Process 2)
KP

create, own, delete,
execute, read, update
create, own, delete,
execute, read, update
create, delete,
execute, read, update
UP1
create, own, delete,
read, update

create, own, delete,
execute, read, update

UP2



delete,
execute, read, update

2.
(a) Write ACM program using HRU syntax with no conditions that allows  a user process to create a file with {own, delete, read, update} rights.

(b) Write ACM program using HRU syntax with mono-condition that allows  a user process to delete a file that is owned by the same process.


3:
A multiconditional program in HRU syntax is given below:

Command Create_Object(process, file)
if create in a[process, process] and file not in Objects
then
    create object file;
    enter own into a[process, file];
    enter delete into a[process, file];
    enter read into a[process, file];
    enter update into a[process, file];
end

Command Grant_Create(process)
if process is identical to self
then
    enter create into a[self, process];
end

a)  Show ACM after the following operations
    Create_Object that fails
    Grant_Create
    Create_Object that succeeds

b)  Do you think safety is decidable for the above multiconditional program?  Explain.


Turning in assignment

Submit hardcopy or submit softcopy (HTML preferred) through blackboard. If submitting through blackboard, handing in a paper printout at the beginning of class would be appreciated. In each submission: PRINT your name, career account ID and the number of the assignment - for easy/quick access.


Valid XHTML 1.1!