1. A company publishes the design of its security software product in a manual t

Question

1. A company publishes the design of its security software product in a manual that accompanies the executable software.
a. In what ways does this satisfy the principle of open design? In what ways does it not?
b. Given that the design is known, what advantages does keeping the source code unavailable give the company and those who purchase the software? What disadvantages does it cause?

2. Assume that processes on a system share no resources. Is it possible for one process to block another process

Explanation / Answer

1

a)

The principle of open design suggests that complexity does not add security. The software's security should not depend on the user's ignorance which means that a knowledgable user can crack into the system's security. In other words, designers and implementors should not depend on secracy for their system's security.

b)

The company may benefit from leakage of core algorithms that are key to their product that may be misused in other areas without permissions. The unknown reuse of others also affetcs the users who may need to face legal consequences under the charges of unauthorised code copying.

2

A process is an execution stream in the context of a particular process state. An execution stream is a sequence of instructions.Hence, No. No process can directly affect the state of another process.Operating Systems are basically event-driven systems - they wait for an event to happen, respond appropriately to the event, then wait for the next event. In the process, unless the processes share a common resource, it is not possible to block devices using processes.

3

The principal of least common mechanism states that mechanisms used to share the resources should not be shared.

Related Questions

Navigate

• Browse (All)
• Browse 1
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.