P1L6 Flashcards
1
Q
Discretionary Access Control (DAC)
A
owner of resource decides how it can be shared
2
Q
problems with DAC
A
- information flow problem: once a user is granted read access to a file, nothing stops that user from copying its contents into a file they own and sharing it further
- in many organizations the individual user is not the one who gets to decide how or with whom data is shared
3
Q
Mandatory Access Control (MAC)
A
- the organization (a central policy enforced by the system), not the individual user, decides who may access the data; users cannot override it
- regulatory requirements might limit sharing
4
Q
label in MAC
A
- indicates sensitivity level, category (compartment), clearance or need-to-know
- the TCB binds a label to every object and subject (user/process); untrusted code cannot change labels
- the exact nature of the label depends on the model/policy
5
Q
comparing labels
A
- one dominates the other (higher or equal level and a superset of categories)
- equal
- not comparable (labels form a lattice, so two labels with different category sets may be neither higher nor lower)
6
Q
BLP read down rule (simple security)
A
- a subject may read an object only if the subject's label dominates the object's label (read down, no read up)
7
Q
BLP write up rule (star property)
A
- a subject may write an object only if the object's label dominates the subject's label (write up, no write down); stops a high subject from leaking data into a low object
8
Q
tranquility principle
A
classification of an obj/subj does not change during a session
9
Q
biba vs BLP
A
- Biba focuses on integrity while BLP focuses on confidentiality; Biba labels rank trustworthiness rather than secrecy
- Biba is the dual of BLP: read up only (no read down, so low-integrity data cannot taint a high-integrity subject), write down only (no write up, so a low-integrity subject cannot corrupt high-integrity data)
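The label lattice from card 5 and the four read/write rules from cards 6, 7 and 9 are easiest to keep straight as code. The following is an added example, not part of the original flashcards: labels are a (level, set of categories) pair, "dominates" is the lattice order, and each rule is one comparison. The level names, the category names and the reuse of one lattice for both confidentiality (BLP) and integrity (Biba) checks are assumptions for illustration; a real system keeps separate confidentiality and integrity labels.

```python
from dataclasses import dataclass
from typing import FrozenSet

# Constructed, totally ordered sensitivity levels (assumption; any chain works)
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Lattice order: at least as high a level AND a superset of categories.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def compare(a: Label, b: Label) -> str:
    """The three outcomes from card 5 (plus the mirror of 'dominates')."""
    if a == b:
        return "equal"
    if a.dominates(b):
        return "dominates"
    if b.dominates(a):
        return "dominated"
    return "not comparable"


# Bell-LaPadula (confidentiality)
def blp_can_read(subject: Label, obj: Label) -> bool:
    # simple security: no read up
    return subject.dominates(obj)


def blp_can_write(subject: Label, obj: Label) -> bool:
    # *-property: no write down
    return obj.dominates(subject)


# Biba (integrity) is the dual: the same two checks with subject/object swapped
def biba_can_read(subject: Label, obj: Label) -> bool:
    # simple integrity: no read down
    return obj.dominates(subject)


def biba_can_write(subject: Label, obj: Label) -> bool:
    # *-integrity: no write up
    return subject.dominates(obj)


if __name__ == "__main__":
    # Constructed sample labels
    alice = Label("SECRET", frozenset({"NUC"}))
    memo = Label("CONFIDENTIAL")
    plan = Label("TOP SECRET", frozenset({"NUC"}))
    crypto = Label("SECRET", frozenset({"CRYPTO"}))
    for name, obj in [("memo", memo), ("plan", plan), ("crypto", crypto)]:
        print(name, compare(alice, obj),
              "BLP r/w:", blp_can_read(alice, obj), blp_can_write(alice, obj),
              "Biba r/w:", biba_can_read(alice, obj), biba_can_write(alice, obj))
```

Note the `crypto` object: same level as the subject but a different category, so it is "not comparable" and BLP denies both read and write. Comparing level numbers alone would wrongly allow it; the category set is what gives need-to-know.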
10
Q
policy for commercial environments
A
- clearances and multilevel labels are not common; the concern is usually integrity rather than secrecy levels
- data may be modified only through specific, certified applications (well-formed transactions), not by arbitrary programs
- separation of duty and conflict of interest must be enforced
11
Q
clark-wilson policy
A
- user -> certified program (transformation procedure) -> constrained data item: users never touch protected data directly, only through programs that are certified to keep it consistent
- separation of duty: the person who certifies a program is not the one who runs it, and sensitive transactions need more than one user
12
Q
chinese wall policy
A
- once a user has accessed data belonging to one company, the user cannot access data of a competing company in the same conflict-of-interest class (access is decided by the user's history, not a fixed label)
- accessing companies in different conflict classes is allowed
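Because the Chinese wall decision depends on what the subject has already read, a worked example shows the rule better than the card text. This is an added example, not from the original flashcards; the conflict classes, company names and the simplified write rule (write allowed only if the subject has read nothing outside the target company, ignoring sanitized data) are assumptions for illustration.

```python
from typing import Dict, Set

# Constructed conflict-of-interest classes (assumption): companies in the same
# class compete with each other.
CONFLICT_CLASSES: Dict[str, Set[str]] = {
    "banks": {"BankA", "BankB"},
    "oil":   {"OilX", "OilY"},
}


class ChineseWall:
    def __init__(self, conflict_classes: Dict[str, Set[str]]):
        # company -> name of its conflict class
        self.class_of = {company: cls
                         for cls, companies in conflict_classes.items()
                         for company in companies}
        # subject -> set of companies whose data the subject has already read
        self.history: Dict[str, Set[str]] = {}

    def can_read(self, subject: str, company: str) -> bool:
        accessed = self.history.get(subject, set())
        if company in accessed:
            return True  # already inside this company's wall
        cls = self.class_of[company]
        # Deny if the subject has touched any competitor in the same class.
        return not any(self.class_of[c] == cls for c in accessed)

    def read(self, subject: str, company: str) -> bool:
        """Perform a read; on success it is recorded and shapes future decisions."""
        if not self.can_read(subject, company):
            return False
        self.history.setdefault(subject, set()).add(company)
        return True

    def can_write(self, subject: str, company: str) -> bool:
        # Simplified *-property (assumption): writing would let data the
        # subject read from another company leak into this one, so writes are
        # allowed only when everything the subject has read belongs here.
        accessed = self.history.get(subject, set())
        return self.can_read(subject, company) and accessed <= {company}


if __name__ == "__main__":
    wall = ChineseWall(CONFLICT_CLASSES)
    print(wall.read("alice", "BankA"))       # True: first access
    print(wall.can_read("alice", "BankB"))   # False: competitor of BankA
    print(wall.read("alice", "OilX"))        # True: different conflict class
    print(wall.can_write("alice", "BankA"))  # False: alice also holds OilX data
```

The state that matters is `history`; a practitioner should note that it must be persisted and protected by the TCB, since losing it silently reopens the wall.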
13
Q
trusting software
A
- functional correctness: it does what it is supposed to do
- maintains data integrity
- protects sensitive data from disclosure
- confidence (assurance) that the above actually hold, not just a claim that they do
14
Q
TCB design principle
A
- least privilege for users and programs
- economy of mechanism: keep trusted code as small and simple as possible, so it can be reviewed
- open design: security must not depend on the design being secret; obscurity doesn't work
- complete mediation: every access to every object is checked
- fail-safe defaults: deny unless explicitly allowed
- ease of use (psychological acceptability): if the mechanism is hard to use, users work around it
15
Q
how to build a TCB
A
- authentication: establish who the subject is before any decision is made
- access control (MAC and DAC) on every access, with the TCB holding the labels and permissions