* 7 *
- Explain the difference between a security
model and a security policy? A security model tells
us what concept and features are available for discussing security. A
security policy is a political manifesto for how to define and deal with
security breaches, using the tools and ideas from the model.
- What are the four basic areas that a complete model of security must cover. Explain
why it would be difficult to provide a description of total security.
Privacy, integrity, authentication and trust. Difficult to discuss
things like trust without reference to specific examples. How does one
- Explain why host configuration is an important issue in security.
If the host has been compromised then there can be no security. If the host
doesn't work, it is meaningless to speak of its security. We can configure
hosts correctly and incorrectly, securely and insecurely.
- What is meant by a finite state machine? Give
some examples of systems which can be thought of as finite state
machines. A system whose overall state can be described by
the coordinates in some N-dimensional lattice. Any digital computer
system can be described as a finite state machine (called a Turing machine).
For instance, a disk filesystem is a FSM, where the states are the
ownerships and permission bits on the files.
- Describe briefly the
Bell-LaPadula model. What are its limitations? What other models have
attempted to generalize this model. See notes. File permissions,
security levels, secure transitions. Does not address changes in
permissions. Has obviously insecure states. Does not address issue