Assignment 3: Protection Models

Start date 13 September, due beginning of class 22 September.

  1. (30 Pts) Given a set of types T = {doctor, nurse, patient, healthrecord} and inert rights RI = {r:c, w:c, publish:c}, model a system in the Schematic Protection Model where a doctor is able to share the "r:c" and "w:c" rights over a patient's healthrecord with a nurse, and a patient is able to publish his or her own healthrecord and share this right with the doctor or the nurse whenever required. You will need to provide filter functions, describe link functions, and possibly define additional rights/types to support this. You may find it easiest to give an example with particular subjects and objects to demonstrate.
  2. (50 Pts) In a protection model, a user would like to associate a temporal dimension with the rights. More specifically, when a right is given, a time limit "time" can be assigned with the right. The time limit, which can be 0 or "INF" representing no time limit, is the duration for which the right is available for the specific subject over the specific subject/object. "time" is a time period such as 12:00-1615 (12pm - 4pm local time). Extend the Schematic Protection Model to include this temporal dimension. Specifically, define the link predicates, the filter functions, and the can-create so that they are consistent and honour the fact that a subject s that has a given right r over an object/subject os for a period "time" can only use the right during that time period.
  3. (50 Pts) Consider a CS 526 final examination containing 5 individual questions and 2 group questions. For each of the 5 individual questions, each student can read the question and write its answer. For the group questions, the students can form groups of 2; each group selects one of the 2 group questions, solves it together, and answers it. Choose an appropriate protection model (from those studied so far), and show the details of your protection model in order to enforce the above requirement. Also explain why you chose that specific protection model for this problem.

Turning in assignment

Please turn in hard copies. Hard copies make it easier to communicate comments/grades back to you. Submissions to Blackboard are encouraged as a backup, or may be used if for some reason you are unable to attend class (please send an email to the TA noting this), but hard copy submissions will be graded first.