Given the following command for the HRU Access Control Matrix model:
command do-something(sub0; sub1; o)
if f in a[sub0; sub1] and m in a[sub1; sub0]
then
createobject
end
1. Given the following matrix, show the result (modified matrix) after executing/ calling the commanddo-something(A; B;Obj5)
|
|
Obj1
|
Obj2
|
Obj3
|
Obj4
|
...
|
A
|
B
|
C
|
. . .
|
|
A
|
r
|
rw
|
rw
|
rwx
|
...
|
m
|
f
|
|
|
|
B
|
w
|
w
|
wx
|
|
...
|
m
|
|
|
|
|
C
|
w
|
r
|
r
|
r
|
...
|
f
|
|
|
|
|
. . .
|
|
|
|
|
...
|
|
|
|
|
Where (r: read, w: write, x: execute, m: modify, f: function) and sub stands for subject, A,B,C are subjects, and Obj stands for Objects
do-something(A;B;Obj5) is a call to the command with the arguments A,B,Obj5
2. Using the syntax in Section 2.3. Write a command delete_object(sub1,sub1) that will delete any occurrences of sub1 if sub1has the right m with itself
3. How will the matrix above result if we execute the command in question 2 for each subject. Hint: it will only succeed in one occurrence
4. Suppose we have a security policy that enforces integrity to its maximum. What needs to be done to the matrix above for enforcing this policy?