CIS-4040 Homework #5: Host Security

Due: Friday, November 15, 2019

This assignment covers host security. There is no material in the text on this subject. Please refer to class notes (slides on the web site) and other Internet materials.

  1. What is the "access control matrix?" Is it a practical method for managing access control?

  2. Summarize the difference between discretionary access controls and mandatory access controls. Is one more secure than the other? Does it make sense to use both together?

  3. In the Bell-LaPadula model of multilayer security, the *-property seems counterintuitive. Explain why it is actually important.

  4. Much thought has been given to ways of protecting users from malicious programs that they might accidently execute or be tricked into executing. On the other hand data files, such as plain ASCII text files, are usually considered "safe". Yet this is a simplistic assumption. How could malicious data files also be a danger?