Describing the allowed transformations of the matrix

Assignment Help Basic Computer Science
Reference no: EM131310087

Suppose a new class of users, the system security officers (SSOs), were to be added to the access control matrix discussed in Section 26.2.2. Augment the matrix with the change right. This right allows the user to alter the classes of other users in that category. For example, if user Amy had change rights over the class "developers," she could change the class of user Tom, who is currently in the "developers" class, to any of the other four classes.

a. Let Alice be a member of the SSO class, and let her have change rights over the "developers" and "employees" classes. Let Bob be a member of the SSO class, with change rights over "outsiders" and "employees." Redraw the matrix for this situation and write rules describing the allowed transformations of the matrix.

b. Describe any problems that might occur if Alice and Bob were not careful about the changes of classes they made. Could information leak in undesired ways? If so, give an example. If not, show why not.

c. Should members of the SSO class be allowed to apply the change right to members of that class? Justify your answer. In particular, state what damage could occur if this were allowed, and if it were not allowed.

Reference no: EM131310087

Why is the file kept inaccessible to the web server

Consider the scheme used to allow customers to submit their credit card and order information. Section 26.3.3.2 states that the enciphered version of the data is stored in a

Discuss the required changes in the network infrastructure

Discuss the required changes in the network infrastructure. In particular, should the outer firewall provide an SSH proxy or a packet filter to incoming SSH connections? Why

Revenue generated with online sales for a year

Revenue Generated With Online Sales for a year will be the "Revenue Generated for Booth Sales" plus the "Revenue Generated for Online Sales" less the "Online Ticket Expense"

How can the user force the computer to shut down

Suppose a user has physical access to computer hardware (specifically, the box containing the CPU and a hard drive). The user does not have an account on the computer. How c

Which do you think is more psychologically acceptable

Consider the two interpretations of a time field that specifies "1 A.M." One interpretation says that this means exactly 1:00 A.M. and no other time. The other says that thi

Does the set form a lattice under that relation

Consider a set with elements that are totally ordered by a relation. Does the set form a lattice under that relation? If so, show that it does. If not, give a counterexample

Why are the extra digits necessary

The Web server on the DMZ Web server system renames temporary files used to record transactions. The name has the form trns followed by the integer representation of the dat

Would he be able to access the data in some other way

Assume that the user is not allowed to mount media such as the floppy disk. Thus, he would not be able to access the data on the disk as though it were a file system. Would

Reviews

Write a Review

 
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd