Operating Systems - Fall 2007, Homework 12

Operating Systems, Fall 2007, Homework 12

This homework will be covered in practise session on Monday 3.12.2007 (week 49) in room C220.

The exercises are based on chapter 16 (Chapter 15 in the 4th edition).

The second course exam covers the second part of the course: chapters 9-16, exercises 7-12 and team task 3.

Password search
1. Problem 16.1 from text book [Stal 05, p. 722] (problem 15.1 [Stal 01, p. 690])
2. Problem 16.4 from text book [Stal 05] (problem 15.4 [Stal 01])
3. What can you deduce from this?
Password salt
1. Problem 16.7 from text book [Stal 05] (problem 15.7 [Stal 01])
2. Problem 16.8 from text book [Stal 05] (problem 15.8 [Stal 01])
3. Is there real practical advantage with salt?
Multilevel security
1. Problem 16.10 from text book [Stal 05] (problem 15.9 [Stal 01])
2. Problem 16.11 from text book [Stal 05] (problem 15.10 [Stal 01])
3. Why would MAC be safer than DAC (discretionary access control)?
4. "No read up" and "no write down" MAC policy protects data access, but not data integrity. Why? Give an example.
User A owns file ASecret, which only A can read or write. A has program AGame, which can use file ASecret during execution. A lets user B play the game AGame and during playing B can read or write file ASecret.

How would you implement the scheme described above in UNIX?
How would you implement the scheme described above in W2000?
How does the situation change, if B should be able to read ASecret during playing, but not to write into it?
Give new answers to parts a and b.