2. Generate a BLP lattice structured system where the objects and subjects are appropriately levelleto give access consistent with the access control matrix below. You need to describe the process bwhich you obtain your lattice. R and W correspond, respectively, to read and append. You are tuse only the mandatory BLP rules, and a default allow in place of the discretionary rule. Be sure tadd a level as necssary to ensure this is a lattice.0₁ 0₂RS₁ R03 04RRWS₂ RS3 R RW RWS₁ RS5 RS6 R R R1R05 06Ꭱ ] ᎡᎳW WWR3. For the following collection of statements, describe the sets of actions, objects, and subjects; andraw an access control matrix to represent the scenario.WWAlice can climb trees and eat apples.Bob can climb fences, eat apples, and wave flags.Trees can hurt apples.Carol can jump waves and wave flags.

Answered: 04 05 06 RRRW WWW W W W R R the sets of…

Database System Concepts

7th Edition

ISBN:9780078022159

Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan

Chapter1: Introduction

Section: Chapter Questions

Problem 1PE

See similar textbooks

Related questions

Concept explainers

Question

2. Generate a BLP lattice structured system where the objects and subjects are appropriately levelle
to give access consistent with the access control matrix below. You need to describe the process b
which you obtain your lattice. R and W correspond, respectively, to read and append. You are t
use only the mandatory BLP rules, and a default allow in place of the discretionary rule. Be sure t
add a level as necssary to ensure this is a lattice.
0₁ 0₂
R
S₁ R
03 04
R
R
W
S₂ R
S3 R RW RW
S₁ R
S5 R
S6 R R R
1
R
05 06
Ꭱ ] ᎡᎳ
W W
W
R
3. For the following collection of statements, describe the sets of actions, objects, and subjects; an
draw an access control matrix to represent the scenario.
W
W
Alice can climb trees and eat apples.
Bob can climb fences, eat apples, and wave flags.
Trees can hurt apples.
Carol can jump waves and wave flags.

Expert Solution

Step 1

I recall correctly, BLP is an example of a MAC (mandatory access control) system, while the access matrix you post is a simple RBAC system. You can't necessarily 'convert' between the two. MAC is based on the idea of labels (secret, top-secret etc), preventing information flow in certain directions between labels. RBAC is a completely 'flat' system; users are given rights to objects without regards to information flow.

So, you can't 'convert' the access matrix, but you can arrive at a lattice based on the access matrix by 'inventing' the extra information needed. Try to categorize the objects into MAC levels, and then assign users to those levels. You may arrive at conflicts: a user that has write access to a lower level (which violates the no-write-down property of BLP). Perhaps you could split the user in two, but in reality you wouldn't want people using multiple accounts. Another solution is to upgrade the classification of some objects, but that may give rise to new conflicts.

Step by step

Solved in 3 steps with 2 images

SEE SOLUTION Check out a sample Q&A here

Knowledge Booster

Learn more about

Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.

Similar questions