Question
Problem 1: Access Control (a). Under each scenario given below, explain whether ACL or capabilities would be a good choice for revocation. Justify your answer.
Problem 1: Access Control (a). Under each scenario given below, explain whether ACL or capabilities would be a good choice for revocation. Justify your answer.
(i). Revoking an individuals access rights to a particular set of files, but not all files
(ii). Revoking access to a particular file from a group of users, but not all users Problem
2: Authentication
(a). Suppose that a password-based authentication system only allows passwords to be created by using 26 characters from the alphabet and the 10 number characters. Under such a system, how many number of unique passwords can be constructed assuming that passwords are exactly 10 characters long and are case sensitive (i.e., lower and upper-case characters are considered to be different)?
(b). Does using passwords with salts make attacking a specific account more difficult than using passwords without salts? Explain why or why not.
Problem 3: Intrusion Detection
(a). Suppose you have been hired as the security manager at XYZ company. Your boss asks you to determine the number of erroneous login attempts that should be allowed before a users account is locked. She is concerned that too many employees are being locked out of their accounts unnecessarily, but is equally concerned that attackers may be able to guess passwords. How would you determine an appropriate value for the threshold?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started