Scribd
Upload
2 views

Homework - 1

This document outlines Homework 1 for the course CS 4243 / CS 5243: Introduction to Computer Security, assigned on January 29, 2025, with a due date of February 5, 2025. It includes instructions for submission, details on access control schemes, and tasks to represent access control matrices, lists, and graphs for various scenarios. Additionally, it addresses the relationships required in traditional Discretionary Access Control and Role Based Access Control schemes.

Uploaded by

Are Madhumita Sivani
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
2 views

Homework - 1

This document outlines Homework 1 for the course CS 4243 / CS 5243: Introduction to Computer Security, assigned on January 29, 2025, with a due date of February 5, 2025. It includes instructions for submission, details on access control schemes, and tasks to represent access control matrices, lists, and graphs for various scenarios. Additionally, it addresses the relationships required in traditional Discretionary Access Control and Role Based Access Control schemes.

Uploaded by

Are Madhumita Sivani
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

CS 4243 / CS 5243: Introduction to Computer Security - Online

Spring 2025
Homework - 1
Assigned on: Jan 29, 2025
Due on: Feb 5, 2025
Due date for Quiz - 1 (based on this homework): Feb 12, 2025

Submission instructions:
1. The submitted homework answers need to be legible to grade, especially if you are
submitting scanned images of hand-written answers.
2. Submit a single pdf file.
3. Show your work in detail. You will not get any credit if you simply write an answer
without showing the detailed work.
4. Note the Due dates & Late work policy and Collaboration policies specified in the
syllabus.
5. If you refer to any external resources, cite them in your submission.

1. Consider the access control matrix given below.

File 1 File 2 Process 1 Disk 1


Read Wakeup Own
Alex Write Seek
Read Execute Seek
Brianna Write
Read Own Execute Seek
Carl Read Stop
Write
Diana Own Read Stop
Read
Write

Represent the above access control scheme using:


a. (5 points) access control list
b. (5 points) capability list

2. (10 points) Consider the following access control scheme for a company:

• Marketing Manager, Amber, can insert and update the Inventory data. She can read and
update the Accounting data and read and execute the Billing programs.
• Bob, the Sales Manager, can insert, delete, and update the Inventory data, and he can read
and update the Accounting data.
• Carla, the Proprietor of the company, owns the Inventory data, and she can insert and
delete them. She can also read and update the Accounting data and execute the Billing
programs.
• Dean and Emilia are Marketing staff, who can read and update both Inventory data and
Accounting data. They can also read and execute the Billing programs.

Show the access control matrix representation of the Role Based Access Control model for the
above scheme.

3. Consider the below access control matrix representation of a Role Based Access Control
scheme.
ROLES
Manager Staff Accountant Owner
Alex X
Brianna X
USERS Carl X
Diana X
Evan X

OBJECTS
File 1 File 2 File 3 File 4
Read Read Write
Manager Write
Read Write Read Read
ROLES Staff Write
Read Read Read
Accountant Write
Read Read
Write Write
Owner Own Own

Represent the above scheme using the following access control structures:
a. (5 points) access control matrix
b. (5 points) access control list
c. (5 points) capability list
d. (5 points) directed graph (please see the note on the next page)
Note: A directed graph is an alternative representation of the protection state for the
Discretionary Access Control model. Each subject and each object in the protection state is
represented by a node (a single node is used for an entity that is both subject and object). A
directed line from a subject to an object indicates an access right, and the label on the link
defines the access right.

4. Consider an access control scheme with N job positions. For job position i, the number of
individual users in that position is Ui and the number of permissions required for the job position
is Pi.
a. (5 points) For a traditional Discretionary Access Control scheme, find the number of
relationships that must be defined between users and permissions.
b. (5 points) For a Role Based Access Control scheme, find the number of relationships that
must be defined between users, roles, and permissions.

You might also like