You are on page 1of 3


CS4035: Computer Security – 1st Midterm Exam (September 2016) SOLUTIONS
1. Classify each of the following as a violation of Confidentiality(C), of Integrity(I), of Availability(A), or of some combination thereof.
[Data Integrity]

Suraj crashes Ravi’s system

Thomas deletes password protected assignment files of all students in his class
Gladson fakes Sanal’s signature on a check.

[Confidentiality, Source Integrity]

Anand spoof’s Salim’s IP Address to gain access to his computer.

2. While inspecting the log of the OS it was found that there was a violation of access rights of a resource, during a certain
period of time. The TCB Requirement violated as a result of this is Correctness Requirement
3. Three states that SELINUX can be in during operation are
1. Disabled 2. Permissive 3. Enforced


4. Give an example of how CR5 of the Clark Wilson Model could be applied to the development and operation of
CR5 states that when an Input is UDI, the TP must either reject the UDI or transform it to a CDI.
Explanation provides consumer-to-consumer sales services. This means that a User is allowed to upload
information about a product into the system. All input is considered a UDI.
Solution The Web Service must Verify the Input info about the product provided by the user with a IVP (Integrity
Verification), and if it does not validate, it must reject the uploaded data and request the user to upload new data.
However if the data seems valid, it must convert it to data meaningful to the system therefore converting it to a CDI.
5. DM Bank is a financial institution with hundreds of clients in the business sector. DM Bank also has a section that does
data mining on all DM Bank databases for prediction, marketing and risk management purposes. Airline Companies
A, B and C ; Petroleum Companies D and E ; and Food Companies F, G, H and J are all clients of DM Bank. For the
following scenarios indicate(Y/N) if there is an Security violation occuring. If yes state the corresponding property of
Chinese Wall Model that can prevent this violation. Justify your answer in one line:
Ravi works for A and F.
Since Ravi works for companies in two different sectors, he does Not create any potential Conflict of Interest.
Salman works for D and A. Tony works for D and C.
If Salman is able to write Sanitized Data to A. Tony can read the Data and is able to provide it to C, creating a potential
Conflict of Interest. The Chinese Wall Model’s *-property can solve this problem
Jane works for D and E. Mary also works for E.
Jane works for two companies in the same sector thus creating an evident potential Conflict of Interest. Hence the
Simple Security Condition can prevent this
6. Consider a computer system with three users: Alice, Bob, and Cindy. Alice owns the file alicerc, and Bob and Cindy
can read it. Cindy can read and write the file bobrc, which Bob owns, but Alice can only read it. Only Cindy can read
and write the file cindyrc, which she owns. Assume that the owner of each of these files can execute it. Create the
corresponding access control matrix.

alicerc bobrc cindyrc
 Alice
− 

 Bob
− 

5 s t r c p y (BUF. If that party is listed as faculty or staff. [0. [Originator] A system in which no memorandum can be distributed without the author’s consent This would be originator access control. A Security Policy restricts the use of E-mail on a particular system to faculty and staff. [Precise] As each letter is sent or received. it is rejected. 10 baz = g e t e n v ( ”HOME” ) . If so. This is because if I am the author of the memorandum I am the one who can say my information can be distributed. h> 2 #define BUFSIZE 100 3 void j u s t c o p y ( char ∗ bar ) { 4 char BUF[ BUFSIZE ] . 1 #include < s t d l i b . [Discretionary] A university registrar’s office. Precise(P). or Broad(B). the mail is refused. The electronic mail receiving programs are disabled. Otherwise. that faculty member cant see the grades. 7 } 8 int main ( ) { 9 char ∗ baz . [1x4=4] [Discretionary] The file access control mechanisms of the UNIX operating system Since users can assign and modify permissions that they possess.5] [Secure] The E-mail sending and receiving programs are disabled. // S t o r e Path o f User ’ s Home Dir 11 j u s t c o p y ( baz ) . Classify each of the following as an example of a mandatory(M). Justify your answers. 9. Students cannot send or receive E-mail on that host. Justify your answer in one line. [Mandatory] A military facility in which only generals can enter a particular room. The system controls access and an individual cannot change that. If he doesnt grant permission to a particular faculty member. 13 } 8. or originator(O) controlled policy. discretionary(D).) [Broad] The E-mail sending programs ask the user if he or she is a student. 12 e x i t ( 0 ) . . Non-executable Stack can be used to prevent code from being executed on a stack. Stack Canary can be used to add a check to determine if the return address has been modified. Classify the following mechanisms as Secure(S). in which a faculty member can see the grades of a particular student provided that the student has given written permission for the faculty member to see them. the system looks up the sender (or recipient) in a database. access control is discretionary. bar ) . 6 p r i n t f ( ”%s \n” . For the executable code given on next page: (a) What is the Software vulnerability exploited in the above code? Stack Overflow (b) Mention one solution to prevent this exploitation. (Assume that the database entries are correct. Here the student grants the permission to the faculty to see the grades. the mail is processed.7. BUF ) .5x3=1. or a combination thereof. no one else can.

{C}) Jesse can read document because Jesse dominates document. {Read}Jesse. SECRET. {Read}Sammi. [Neither]Anna. but Robin can write to the document because document dominates Robin. {B}). C}). but Sammi cannot write to the document because document does not dominate Jesse. Write(W). and UNCLASSIFIED (ordered from highest to lowest). Paul cannot read and cannot write to the document because Paul does not dominate document and also. wants to access a document classified (CON F IDEN T IAL.5] [Neither] Paul. {B. {Write}Robin. Given the security levels TOP SECRET. CONFIDENTIAL. document does not dominate Paul. document does not dominate Anna. {A}) Sammi can read document because Sammi dominates document. who has no clearances (and so works at the U N CLASSIF IED level). specify what type of access (Read(R). Anna cannot read and cannot write to the document because Anna does not dominate document and also. B. wants to access a document classified (CON F IDEN T IAL. wants to access a document classified (SECRET. {C}). Both(B). wants to access a document classified (CON F IDEN T IAL. cleared for (T OP SECRET. {B}). Assume that DACs allow anyone access unless otherwise specified. {A. . and C. {A. C}). C}).10. but Jesse cannot write to the document because document does not dominate Jesse. and the categories A. cleared for (SECRET. [2. cleared for (CON F IDEN T IAL. {C}). Robin cannot read document because Robin does not dominate document. cleared for (T OP SECRET. or Neither(N)) is allowed in each of the following situations. wants to access a document classified (CON F IDEN T IAL.