Information Assurance Homework 5: Clark-Wilson, Biba Integrity Models, Access Control, Assignments of Computer Science

A university homework assignment focused on information assurance. Topics include comparing the Clark-Wilson and Biba integrity models, weak tranquility in an OS, and access control under the Bell-LaPadula model. Students are also asked to evaluate Common Criteria security targets for Check Point VPN-1/FireWall-1 NGX and IBM AIX 5L.

Typology: Assignments

Pre 2010

Uploaded on 03/11/2009

koofers-user-l1e

Name:

Information Assurance: Homework 5

Due October 17, 2007

  1. Consider the Clark-Wilson and Biba strict integrity models.
     a. What does Clark-Wilson provide that Biba does not?
     b. What does Biba provide that Clark-Wilson does not?
     c. If you were designing a high integrity system, which integrity model do you think would give you the best guidance and why?
  2. If a trusted OS only provides weak tranquility, can we still say it implements a mandatory access control (MAC) policy? Why or why not?
  3. Given the security levels W > X > Y > Z and the categories A, B, and C, specify the accesses allowed (read, pure-write or append, read-write) under the Bell-LaPadula model. Assume DAC allows all access.
     a. Andrew at W:{} and Document at Y:{}
     b. Beverly at Y:{A,B,C} and Document at Z:{B}
     c. Clarence at W:{A,B} and Document at Y:{B,C}
     d. Darrin at Y:{A,C} and Document at Y:{A,C}
     e. Eleanor at Z:{} and Document at W:{C}
  4. Consider the access allowed with the labels above interpreted as integrity levels under the strict Biba integrity model.
     a. Andrew at W:{} and Document at Y:{}
     b. Beverly at Y:{A,B,C} and Document at Z:{B}
     c. Clarence at W:{A,B} and Document at Y:{B,C}
     d. Darrin at Y:{A,C} and Document at Y:{A,C}
     e. Eleanor at Z:{} and Document at W:{C}
  5. This question works with the list of products evaluated by the Common Criteria: http://www.commoncriteriaportal.org/public/expert/index.php?menu=8. In particular, you will be looking at the products "Check Point VPN-1/FireWall-1 NGX" and "IBM AIX 5L for POWER V5.3, Technology level 5300-05-02 with Argus Systems Group PitBull Foundation Suite 5.0 and optional IBM Virtual IO Server (VIOS) Version 1.3".
     a. Does the security target follow a protection profile (PP)? If so, what PP?
     b. If it follows a PP, does it specify any additional security functional requirements? If so, list one of the additional requirements.
     c. If it does not follow a PP, list two of the security functional requirements from the security target.
     d. What EAL was the product certified at?
     e. Were there any extensions to a standard EAL? If so, what?
     f. What EAL was the PP (if any) certified at?
     g. Which company was the sponsor for the certification?
     h. What is the highest level certification you see in the list?