CSE394: Security Policy Frameworks Scott Stoller Homework 2. Version: 6 Oct 2005. Due: 13 Oct 2005. -------------------- 11 Oct 2005: All of the references to [Bishop] below are to Matthew Bishop. Computer Security: Art and Science. Addison Wesley, 2002. which is the source for the handout on Blackboard. I apologize for mistakenly indicating that the references are to the abridged version of that textbook, which is: Matthew Bishop. Introduction to Computer Security. Addison Wesley, 2004. All of the necessary material for this assignment can be found in the abridged book, if you happen to have it. Matthew Wesley kindly made a cross-reference and posted it on Blackboard. (The material about Lipner's model in Section 6.3 is mentioned in this assignment but isn't necessary for it.) Bishop, 2003 Bishop, 2004 Sec. 5.8 #2 Sec. 5.5 #2 Sec. 6.2.3 Sec. 6.2.3 Sec. 6.3 not present Sec. 7.1.1 Sec. 7.1 p. 127 p. 65 p. 171 p. 85 10 Oct 2005: I added a sentence at the end of problem 3. It says "Justify your answer." 10 Oct 2005: Because classes are cancelled on Oct 13, the hw2 due date is postponed to 14 Oct 2005. You may submit this assignment by email to cse394@cs.sunysb.edu. Or, you may submit a printout to my office (CS 1429) any time on Friday (or before). If I'm not in my office, just slip it under my office door. Do not leave it in my mailbox (where other students could see it). -------------------- 1. [Bishop, section 5.8, Exercise 2.] 2. Extend Biba's Strict Integrity Policy [Bishop, section 6.2.3] with integrity categories. (Note that Lipner's model [Bishop, section 6.3] uses this extension.) As before, let i(s) and i(o) denote the integrity level for subject s and object o, respectively. Let iCats(s) and iCats(o) denote the integrity categories of subject s and object o, respectively. Specifically, you should complete the following rules, and write a few sentences explaining your rules. s can read o iff i(s) <= i(o) and ... s can write o iff i(o) <= i(s) and ... where "..." represents an appropriate condition relating iCats(o) and iCats(s). Hint: Biba's strict integrity model is the dual of the Bell-LaPadula model, so these conditions should be analogous to the Simple Security Condition and *-property on [Bishop, page 127]. 3. In the Chinese Wall Model [Bishop, section 7.1.1], when evaluating the CW-Simple Security Condition (the final version at the bottom of page 171, not the preliminary version), should sanitized objects be included in PR(S)? Justify your answer.