Q: This exercise asks you to consider the consequences of not applying the princ
ID: 646508 • Letter: Q
Question
Q: This exercise asks you to consider the consequences of not applying the principle of attenuation of privilege to a computer system.
a: What are the consequences of not applying the principle at all? In particular, what is the maximal set of rights that subjects within the system can acquire (possibly with the cooperation of other subjects)?
b: Suppose attenuation of privilege applied only to access rights such as read and write, but not to rights such as own and grant_rights. Would this ameliorate the situation discussed in part (a)? Why or why not?
c: Consider a restricted form of attenuation, which works as follows. A subject q is attenuated by the maximal set of rights that q, or any of its ancestors, has. So, for example, if any ancestor of q has r permission over a file f, q can also r f. How does this affect the spread of rights throughout the access control matrix of the system? Develop an example matrix that includes the ancestor right, and illustrate your answer.
Explanation / Answer
a)
The consequences of not applying the principle at all because If any subject can give any rights to any other subject, then the maximal set of rights that subjects within the system can acquire is all rights over all other entities in the system. If some rights can be given under specific conditions, the maximal set of rights depends upon the nature of the conditions themselves.
b)
Applying attenuation of privileges to access rights only would not ameliorate the above situation, because the control rights only control the spread of rights throughout the system. If the owner can grant rights it does not have, it can grant the requisite access rights as desired, thus enabling information to flow about the system.
I hope this will helps to you
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.