Explain the three major categories of access control policies. (Chapt 4)
Explain the three major categories of access control policies.
(Chapt 4)
Homework Answers
Access control policies can be grouped into three main classes
Discretionary (DAC):
Discretionary (DAC) (authorization-based) policies control access based on the identity of the requestor and on access rules stating what requestors are (or are not) allowed to do.
1) DAC(Discretionary Access Control)
DAC decides the access rights of users simply based on the access matrix. It is ��discretionary�� in the sense that it allows user to grant other users authorization to access the objects. It has the drawback that it is easy to bypass the access restriction and pass the information to unauthorized user.
Trojan horse problem: There are a high level user A and a low level user B in the system, and a table T which only A can read. Suppose B is malicious and give a Trojan horse program to A which on the surface does some useful work. Now A runs the program, but without the notice of A, the program reads T and writes the content to another table T�� which B can read. Thus the information in T is leaked to unauthorized user B.
Mandatory (MAC):
Mandatory (MAC) policies control access based on mandated regulations determined by a central authority.
MAC (mandatory access control) which protects data against
Trojan horse
Bell-LaPadula model
each subject or object has a security level: Top Secret, Secret, Confidential, Unclassified (TS>S>C>U)
Read-down: a subject S has read access to an object O if and only if level(S) >= level (O);
Write-up: a subject S has write access to an object O if and only if level(S) <= level (O);
How it fixes Trojan horse problem: if T�� has high security level, then B can not read it; if it has low security level, the Trojan horse program, which has the same high security level as A, cannot write it.
Role-based (RBAC):
Role-based (RBAC) policies control access depending on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.
RBAC introduce the notion role: access rights are specified between objects and roles; a user is associated with one or many roles. Roles can be viewed as a set of actions and responsibilities with a particular working activity.
Add Answer to:
Explain the three major categories of access control
policies.
(Chapt 4)
List and briefly explain the three major categories of False Claim Act cases.
List and briefly explain the three major categories of False Claim Act cases.
The three categories of Media Access discussed in the book are: 1) Random Access, Controlled Acess...
The three categories of Media Access discussed in the book are: 1) Random Access, Controlled Acess & Channelization 2) Random Access, Controlled Acess & Coordination 3) Random Access, Polling Acess & Channelization 4) Network Access, Controlled Acess & Channelization Save Question 26 (1 point) In pure Aloha, the sender expects the receiver to send 1) a CTS 2) an ACK 3) a RTS 4) None of the above Save Question 27 (1 point) In a station will send a frame...
4. Private Policies toward Externality a. Name three private policies toward externality b. Explain two policies...
4. Private Policies toward Externality a. Name three private policies toward externality b. Explain two policies of your choice
List the three major categories of exceptions and an example of each.
List the three major categories of exceptions and an example of each. Drag the appropriate items to their respective bins
QUESTION 4 List the three main categories of market-oriented environmental policies (according to the Taylor texbook)....
QUESTION 4 List the three main categories of market-oriented environmental policies (according to the Taylor texbook). i 3 (12pl T T T T Arial E- Path: p Words:0 QUESTION 5 of 2,500 emissions 2,000 1,500 Polution charge 500 00 30 10 20 40 50 Quantity That Particle Emissions Are Reduced EXHIBIT 14-3 A Pollution Charge Exhibit n th NOy would react if the pollution ch pheand to king abc ow specific as you can giv charge was change comp pr...
Explain the advantages and disadvantages of coarse-grained access control with an example.
Explain the advantages and disadvantages of coarse-grained access control with an example.
Three dimensional arrays can be stored in row major order, as in C++. Develop the access...
Three dimensional arrays can be stored in row major order, as in C++. Develop the access function for row major arrangement for three-dimensional arrays. Assume the lower boundaries of the three dimensions are min(1), min(2) and min(3) respectively. Also assume the size of the three dimensions are size(1), size(2) and size(3) respectively. Assume the size of each element is one(1) to simplify the problem. The access function is to find the location of element a(i, j, k), i.e. location(a[i,j,k]) please...
1.What is access control and is it enough to security an entity? (Please provide a detail...
1.What is access control and is it enough to security an entity? (Please provide a detail response) 2.What are the attributes of an efficient access control system? 3.Relating to physical security explain some of the reasons an entity might want to establish restricted areas? 4.Enforcement is a vital component of an efficient access control system; list and describe at least three (3) procedures you would recommend for maintaining the integrity of a card or badge system.
a) Explain with appropriate diagrams the Logic Link Control (LLC) Layer and Medium Access Control (MAC)...
a) Explain with appropriate diagrams the Logic Link Control (LLC) Layer and Medium Access Control (MAC) layer. [5 Marks] b) Explain the scenario and the mechanism of Carrier Sense Multiple Access Collision Detection (CSMA/CD) in a network setting. [5 Marks] c) Discuss with the appropriate figure/s the concept of packet encapsulation and decapsulation. [5 Marks]
(TCO 5) What are the three major categories included in the planning phase of IT projects?
(TCO 5) What are the three major categories included in the planning phase of IT projects?
The three categories of Media Access discussed in the book are: 1) Random Access, Controlled Acess & Channelization 2) Random Access, Controlled Acess & Coordination 3) Random Access, Polling Acess & Channelization 4) Network Access, Controlled Acess & Channelization Save Question 26 (1 point) In pure Aloha, the sender expects the receiver to send 1) a CTS 2) an ACK 3) a RTS 4) None of the above Save Question 27 (1 point) In a station will send a frame...
4. Private Policies toward Externality a. Name three private policies toward externality b. Explain two policies of your choice
List the three major categories of exceptions and an example of each. Drag the appropriate items to their respective bins
QUESTION 4 List the three main categories of market-oriented environmental policies (according to the Taylor texbook). i 3 (12pl T T T T Arial E- Path: p Words:0 QUESTION 5 of 2,500 emissions 2,000 1,500 Polution charge 500 00 30 10 20 40 50 Quantity That Particle Emissions Are Reduced EXHIBIT 14-3 A Pollution Charge Exhibit n th NOy would react if the pollution ch pheand to king abc ow specific as you can giv charge was change comp pr...
Most questions answered within 3 hours.
-
Create a 32-run crossed array design with six control factors
and two noise factors such that...
asked 49 minutes ago -
A 500g sample of sand from source A has the following amounts
retained on each sieve....
asked 50 minutes ago -
In
your own words, please explain the essay by John Keynes wrote "The
End of Laissez...
asked 49 minutes ago -
How are the matrix and pixels related? Why are smaller
pixels better for diagnostic quality?
asked 52 minutes ago -
2. An AC generator has 80 rectangular loops on
its armature. Each loop is 11 cm...
asked 54 minutes ago -
Please help me with this question. Consider Aldi’s current and
potential geographic markets (see Exhibit 4...
asked 56 minutes ago -
What are the main components of the fermentation process and
give an explanation of each? Include...
asked 1 hour ago -
Explain which types of cells in the body (belonging to which
organs, etc.) are sensitive to...
asked 1 hour ago -
A single cable supports an 703-kg elevator car. What is the
tension in the cable when...
asked 1 hour ago -
among the three different ways to link CSS specifications to an
HTML document (inline CSS, document...
asked 1 hour ago -
(1) Write the net ionic equation for the reaction that occurs
when equal volumes of 0.191...
asked 2 hours ago -
On the night of April 18, 1775, a signal was to be sent from the
Old...
asked 1 hour ago