Tutorial Week 10

Questions

Q1: The RC 4000 system (and other systems) have defined a tree of processes (called a process tree) such that all the descendants of a process are given resources (objects) and access rights by their ancestors only. Thus, a descendant can never have the ability to do anything that its ancestors cannot do. The root of the tree is the operating system, which has the ability to do anything. Assume the set of access rights was represented by an access matrix, A. A(x,y) defines the access rights of process x to object y. If x is a descendant of z, what is the relationship between A(x,y) and A(z,y) for an arbitrary object y?

Q2: A password may become known to other users in a variety of ways. Is there a simple method for helping users detect that such an event has occurred? Explain your answer.

Q3: Contrast Discretionary Access Control with Mandatory Access Control.

Q4: Describe the goal of the Bell-LaPadula multilevel security policy, and the restrictions it imposes to achieve that goal. Do the same for the Biba policy. Can you comment on the two policies?

Q5: Even with enforced mandatory access control, why is it difficult to control information flow on a multi-tasking system?

Q6: The traditional UNIX password protection scheme uses a salt (a random n-bit number) to make it more difficult for an intruder to discover the password by encrypting common strings in advance. Does this scheme also offer increased protection against a valid user trying to crack the super-user password on a machine? Assume the password file containing the encrypted passwords is readable.

Q7: Lamport's one-time password scheme uses the passwords in reverse order. Would it not be simpler to use f(x) the first time, f(f(x)) the second time, and so on?