CSC474/574 Information Systems Security: Homework 3 Solutions Sketch
1. (20 points) Consider a computer system with three users: Alice, Bob, and Cyndy.
Alice owns the file alicerc, and Bob and Cyndy can read it. Cyndy can read and
write Bob's file bobrc, but Alice can only read it. Only Cyndy can read and write
her file cyndyrc. Assume the owner of each of these files can execute it.
A)
a.
b.
Acl(bobrc) = {(Alice, R), (Bob, O), (Bob, X), (Cyndy, R), (Cyndy, W)}
c.
Capability(Cyndy) = {(alicerc, {R}), (bobrc, {R}), (bobrc, {W}), (cyndyrc, R), (cyndyrc,
W), (cyndyrc, O), (cyndyrc, X)}
d.
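The relationship between the access control matrix, the ACLs, and the capability lists in question 1 can be checked mechanically. The following is an added example, not part of the original solution sketch. It assumes owners hold only O and X on their own files, following the rights the solution lists in Acl(bobrc); the function names are illustrative.

```python
from collections import defaultdict

# Access control matrix for the policy in question 1: MATRIX[user][file] = rights.
# R = read, W = write, X = execute, O = own.
# Assumption: an owner holds only O and X on their own file, as in Acl(bobrc).
MATRIX = {
    "Alice": {"alicerc": {"O", "X"}, "bobrc": {"R"}},
    "Bob":   {"alicerc": {"R"}, "bobrc": {"O", "X"}},
    "Cyndy": {"alicerc": {"R"}, "bobrc": {"R", "W"},
              "cyndyrc": {"R", "W", "O", "X"}},
}

def acls(matrix):
    """Column view: for each file, the set of (user, right) pairs."""
    out = defaultdict(set)
    for user, row in matrix.items():
        for obj, rights in row.items():
            out[obj] |= {(user, r) for r in rights}
    return dict(out)

def capabilities(matrix):
    """Row view: for each user, the set of (file, right) pairs."""
    return {user: {(obj, r) for obj, rights in row.items() for r in rights}
            for user, row in matrix.items()}

def acl_allows(acl_table, user, obj, right):
    """Decision made at the object: is (user, right) on the file's ACL?"""
    return (user, right) in acl_table.get(obj, set())

def cap_allows(cap_table, user, obj, right):
    """Decision made from the subject: does the user hold (file, right)?"""
    return (obj, right) in cap_table.get(user, set())

def views_agree(matrix):
    """True if both representations give the same answer for every request."""
    a, c = acls(matrix), capabilities(matrix)
    files = sorted({f for row in matrix.values() for f in row})
    return all(acl_allows(a, u, f, r) == cap_allows(c, u, f, r)
               for u in matrix for f in files for r in "RWXO")

if __name__ == "__main__":
    for obj, entries in sorted(acls(MATRIX).items()):
        print(f"Acl({obj}) = {sorted(entries)}")
    for user, entries in sorted(capabilities(MATRIX).items()):
        print(f"Capability({user}) = {sorted(entries)}")
    print("views agree:", views_agree(MATRIX))
```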
a. (10 points) Customize the RBAC0 model to implement the security policy
represented by the above compartments. Assume there is no user in the
system. Represent permissions as o(c), where o is either 'r' (read) or 'w'
(write) and c is a security class. For example, a permission r({AB}) refers to
the permission to read information from the class {AB}.
You need to specify the components of the RBAC0 model. Note that you may
have some empty components (e.g., users, sessions).
b. (10 points) Assume you add the first user X, who is cleared to have the
security class {A}. What changes would you make to the result of (a)?
c. (10 points) Assume that you are allowed to use RBAC1. Develop a role
hierarchy and the corresponding permission assignments. Note that you may
not have a clean hierarchy, since the set of permissions of one role is often not
a subset of that of another role.
A)
a. RBAC0 Model:
Users = { }
Roles = { Ø, A, B, AB }
Permissions = { r(Ø), w(Ø), r(A), w(A), r(B), w(B), r(AB), w(AB) }
Permission Assignments = { (Ø, r(Ø)), (Ø, w(Ø)), (Ø, w(A)), (Ø, w(B)), (Ø, w(AB)),
(A, r(Ø)), (A, r(A)), (A, w(A)), (A, w(AB)), (B, r(Ø)), (B, r(B)), (B, w(B)), (B, w(AB)),
(AB, r(Ø)), (AB, r(A)), (AB, r(B)), (A, r(AB)), (AB, w(AB)) }
User Assignments = { }
Sessions = { }
Users(S → U) = { }
Roles(S → 2^R) = { }
b.
Users = {X}
Roles = { Ø, A, B, AB }
Permissions = { r(Ø), w(Ø), r(A), w(A), r(B), w(B), r(AB), w(AB) }
Permission Assignments = { (Ø, r(Ø)), (Ø, w(Ø)), (Ø, w(A)), (Ø, w(B)), (Ø, w(AB)),
(A, r(Ø)), (A, r(A)), (A, w(A)), (A, w(AB)), (B, r(Ø)), (B, r(B)), (B, w(B)), (B, w(AB)),
(AB, r(Ø)), (AB, r(A)), (AB, r(B)), (A, r(AB)), (AB, w(AB)) }
Sessions = {S1}
Users(S → U) = {S1 → X}
Roles(S → 2^R) = {S1 → {A}}
c. Role Hierarchy:
Users = { }
Roles = { Ø, A, B, AB, R_Ø, W_Ø, R_A, W_A, R_B, W_B, R_AB, W_AB }
Permissions = { r(Ø), w(Ø), r(A), w(A), r(B), w(B), r(AB), w(AB) }
Permission Assignments = { (R_Ø, r(Ø)), (W_Ø, w(Ø)), (R_A, r(A)), (W_A, w(A)),
(R_B, r(B)), (W_B, w(B)), (R_AB, r(AB)), (W_AB, w(AB)) }
User Assignments = { }
Sessions = { }
AB Ø
R_AB A B W_Ø
R_Ø W_AB
3. (40 points) A company has the following security policies regarding the
information that the company considers confidential:
The company divides information into the following classes: CEO (C),
Managers (M), and public (P);
Information from Managers and public classes can flow to the CEO class;
Information from public class can flow to the Manager class;
Information can flow within each class;
There is no other allowed information flow between classes.
A)
a.
SC = { C, M, P}
c.
(M, {C})
(M, {A}) (M, {B})
{}
P
d.
{C, L}
{C, H} {M, L}
{M, H} {P, L}
{P, H}
A) A covert channel uses shared resources as paths of communication. This requires
sharing of space or time.
Here the shared resource is the directory and the names of the files in that directory.
Processes communicate by altering characteristics (filenames and file extensions) of the
shared resource.