Ch8

Question 1

all instances of subjects accessing objects are secure

Answer 1

state machine model

Question 2

designed to prevent unauthorized, insecure, or restricted information flow

Answer 2

information flow model

Question 3

prevents the actions of one subject from affecting the system state or actions of another subject

Answer 3

noninterference model

Question 4

dictates how rights can be passed from one subject to another or from a subject to an object

Answer 4

Take-Grant model

Question 5

table of subjects and objects that indicates the actions or functions that each subject can perform on each object

Answer 5

access control matrix

Question 6

subjects have a clearance level that allows them to access only those objects with the corresponding classification levels; enforces Confidentiality

Answer 6

Bell-Lapadula

Question 7

prevents subjects with lower security levels from writing to objects at higher security levels

Answer 7

Biba

Question 8

relies on auditing to ensure that unauthorized subjects cannot access objects and that authorized users can access objects properly

Answer 8

Clark-Wilson

Question 9

Access Triple

Answer 9

3 parts of Clark-Wilson model include: subject, object & program (interface)

Question 10

what models enforce integrity

Answer 10

Biba & Clark-Wilson

Question 11

what model focuses on integrity

Answer 11

Goguen-Meseguer & Sutherland

Question 12

what model focuses on secure creation and deletion of both subjects and objects

Answer 12

Graham-Denning

Question 13

what models are built on the state machine model

Answer 13

Biba & Bell-Lapadula

Question 14

what is the only model to address confidentiality

Answer 14

Bell-Lapadula

Question 15

what model prevents conflicts of interest

Answer 15

Brewer & Nash

Question 16

what are the 3 types of composition theories

Answer 16

Cascading
Feedback
Hookup

Question 17

Input for one system comes from the output of another system

Answer 17

Cascading composition theory

Question 18

One system provides input to another system, which reciprocates by reversing those roles

Answer 18

Feedback composition theory

Question 19

One system sends input to another system but also sends input to external entities

Answer 19

Hookup composition theory

Question 20

the mode a process runs in when it is confined through the use of memory bounds.

Answer 20

Isolation

Question 21

restricts a process to reading from and writing to certain memory locations

Answer 21

Confinement

Question 22

are the limits of memory a process cannot exceed when reading or writing

Answer 22

Bounds

Question 23

combination of hardware, software, and controls that form a base that enforces the security policy

Answer 23

TCB Trusted Computing Base

Question 24

imaginary boundary that separates the TCB from the rest of the system. TCB components communicate with non-TCB components using trusted paths.

Answer 24

security perimeter

Question 25

logical part of the TCB that confirms whether a subject has the right to use a resource prior to granting access.

Answer 25

Reference Monitor

Question 26

collection of the TCB components that implement the functionality of the reference monitor

Answer 26

security kernel

Question 27

core security component that must be designed and implemented
into an operating system. used to prevent an active process from interacting with an area of memory that was not specifcally assigned or allocated to it

Answer 27

memory protection

Question 28

both a specification for a cryptoprocessor chip on a mainboard and the general name for implementation of the specification. used to store and process cryptographic keys for the purposes of a hardware supported/implemented hard drive encryption system

Answer 28

Trusted Platform Module TPM