Professional Documents
Culture Documents
Homework 2
Homework 2
RoseHulmanInstituteofTechnology ComputerScienceandSoftwareEngineering
Homework2 Due:19thDecember(Friday),inclass 1. Consideracomputersystemwiththreeusers:Alice,Bob,andCyndy.Aliceownsthefile alicerc,andBobandCyndycanreadit.Cyndycanreadandwritethefilebobrc,whichBob owns,butAlicecanonlyreadit.OnlyCyndycanreadandwritethefilecyndyrc,whichshe owns.Assumethattheownerofeachofthesefilescanexecuteit. a. Createthecorrespondingaccessmatrix. b. CyndygivesAlicepermissiontoreadcyndyrc,andAliceremovesBobsabilityto readalicerc.Showthenewaccesscontrolmatrix. 2. Intheinclassexerciseonday6,weconsideredthesetofrights{read,write,execute, append,list,modify,own}.Usingthesyntaxoftheexampleintheslides(forcreatefile),you wroteacommanddelete_all_rights(p,q,s).Thiscommandcausesptodeleteallrightsthe subjectqhasoveranobjects.Heresanimplementationofthecommand:
command delete_all_rights(p, q, s) delete r in A[q, s]; delete w in A[q, s]; delete x in A[q, s]; delete a in A[q, s]; delete l in A[q, s]; delete m in A[q, s]; delete o in A[q, s]; end; a. Modifyyourcommandsothatthedeletioncanoccuronlyifphasmodifyrights overs. b. Modifyyourcommandsothatdeletioncanoccuronlyifphasmodifyrightsover sandqdoesnothaveownrightsovers.
CSSE442ComputerSecurity Winter20082009
RoseHulmanInstituteofTechnology ComputerScienceandSoftwareEngineering
b. Inabout500wordsorless,differentiatebetweendiscretionarypolicies,mandatory policies,androlebasedpolicies.