FREE Trial
Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

2. 30 points Consider the following access control matrix r,-W r,-W -r, +w r,-W r, -W -r,-w r,-W ary T. +W (10) Consider the security

image text in transcribed

2. 30 points Consider the following access control matrix r,-W r,-W -r, +w r,-W r, -W -r,-w r,-W ary T. +W (10) Consider the security labels built from the following components Hierarchical component: Confidential > Public Domain components: EE, CSE For example, a security label is: (Public, {EE, CSE)). (Note, you do not need to draw the lattice.) Assign security labels to the users and files such that using the Bell-LaPadula model, only the actions in the access control matrix are permitted Label(John) Label(Kate) Label(Mary)- Label(Pete)- 1) 1) Label(Filel) Label(File2)- Label(File3) 1) (10) Assume, you want to disallow blind writes. Show the Discretionary Access Control (DAC) policy that works with your security label assignment and will prevent the blind writes. L.e., list all the (user-name, file-name, -w) triples that prevent blind writes (10) Assume you want to support delegation of privileges and time-dependent restrictions, such as users can read and write files between 8:00 am and 5 pm. Would you use BLP or RBAC? Why? 2. 30 points Consider the following access control matrix r,-W r,-W -r, +w r,-W r, -W -r,-w r,-W ary T. +W (10) Consider the security labels built from the following components Hierarchical component: Confidential > Public Domain components: EE, CSE For example, a security label is: (Public, {EE, CSE)). (Note, you do not need to draw the lattice.) Assign security labels to the users and files such that using the Bell-LaPadula model, only the actions in the access control matrix are permitted Label(John) Label(Kate) Label(Mary)- Label(Pete)- 1) 1) Label(Filel) Label(File2)- Label(File3) 1) (10) Assume, you want to disallow blind writes. Show the Discretionary Access Control (DAC) policy that works with your security label assignment and will prevent the blind writes. L.e., list all the (user-name, file-name, -w) triples that prevent blind writes (10) Assume you want to support delegation of privileges and time-dependent restrictions, such as users can read and write files between 8:00 am and 5 pm. Would you use BLP or RBAC? Why

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Machine Learning And Knowledge Discovery In Databases Applied Data Science Track European Conference Ecml Pkdd 2021 Bilbao Spain September 13 17 2021 Proceedings Part 5 Lnai 12979

Machine Learning And Knowledge Discovery In Databases Applied Data Science Track European Conference Ecml Pkdd 2021 Bilbao Spain September 13 17 2021 Proceedings Part 5 Lnai 12979

Authors: Yuxiao Dong ,Nicolas Kourtellis ,Barbara Hammer ,Jose A. Lozano

1st Edition

3030865169, 978-3030865160

Students also viewed these Databases questions

Question

Find the derivatives of the following functions (from Section 1.8, Exercises 35-38). Sketch a graph and check that your derivative has the correct sign when the argument is equal to 0. h(z) = 1.0 +...

Answered: 1 week ago

Question

Whichof the followingobjects would be most likely to be destroyed at some point in time in a sequence diagram? shopping cart order titen custoner order invice

Answered: 1 week ago

Question

Define moderator variable.

Answered: 1 week ago

Question

Donnie Hilfiger has two classes of stock authorized: $1 par preferred and $0.01 par value common. As of the beginning of 2015, 300 shares of preferred stock and 4,000 shares of common stock have been...

Answered: 1 week ago

Question

2. 30 points Consider the following access control matrix r,-W r,-W -r, +w r,-W r, -W -r,-w r,-W ary T. +W (10) Consider the security labels built from the following components Hierarchical...

Answered: 1 week ago

Question

In the current year, ABC Corporation had the following items of income, expense, gains, and losses: What is taxable income for the year

Answered: 1 week ago

Question

A project team is identifying project risks for a bridge to be built across a river. The team needs to send out invitations for a risk workshop to better understand the risks involved Which...

Answered: 1 week ago

Question

What relationships can you see between the political dimensions of second-wave civilizations described and their cultural or religious aspects discussed in this chapter?

Answered: 1 week ago

Question

In the movie Sophie's Choice , a woman is forced to choose which one of her children to send to the gas chamber. If she does not decide, both will be killed. How would ethical formalism resolve this...

Answered: 1 week ago

Question

Activity Cost Pool Cleaning carpets Travel to jobs Job support Other (organization-sustaining costs and idle capacity costs) Activity Measure Square feet cleaned (00s) Miles driven Number of jobs...

Answered: 1 week ago

Question

In a group of 50 students we tested the exam scores and the values of quartiles were obtained: Q = 10 points Me = 12 points Q = 18 points What can we say about the asymmetry of this distribution?

Answered: 1 week ago

Question

Question How small a group can be covered under group-term insurance and are there any special rules for small groups?

Answered: 1 week ago

Question

Question How can an executive determine whether it is better to defer compensation and pay the taxes later or to receive the compensation currently and pay taxes at relatively low income tax rates?

Answered: 1 week ago

Question

Question Can a corporation provide a nonqualified deferred compensation plan to an executive who is a controlling shareholder (more than 50%) in the corporation?

Answered: 1 week ago

Previous Question Next Question