1. Suppose you have a secure system with three subjects and three objects, with levels as listed below.
Here H dominates L. You wish to implement a Bell and LaPadula model of security for this system. Fill in the access rights (R and/or W) permitted by the model for each subject/object pair in the access matrix below:
(1) Subject: (H, {A}), Object: (L, {A,B})
– Can the subject read the object? Justify your answer
(2) Subject: (H, {A,B}), Object: (L, {A })
– Can the subject read the object? Justify your answer
(3) Subject: (L, {A,B}), Object: (H, {A })
– Can the subject read the object? Justify your answer
(4) Subject: (L, {A,B}), Object: (H, {A })
– Can the subject read the object? Justify your answer
(5) Subject: (H, {A,B,C}), Object: (H, {A,B })
– Can the subject read the object? Justify your answer
(6) Subject: (L, {A,B}), Object: (L, {C})
– Can the subject read the object? Justify your answer
2. Suppose a department has determined that some users have gained unauthorized access to the computing system. Managers fear the intruders might intercept or even modify sensitive data on the system. Cost to reconstruct correct data is expected to be $1,000,000 with 1% likelihood per year.
One approach to addressing this problem is to install a more secure data access control problem. The cost of access control software is $100,000 with 20% effectiveness.
(1) What is the expected annual total costs?
(2) What is the saving?
(3) Answer if it is worthwhile to invest on the access control software. Justify your answer.
TAKE ADVANTAGE OF OUR PROMOTIONAL DISCOUNT DISPLAYED ON THE WEBSITE AND GET A DISCOUNT FOR YOUR PAPER NOW!