XACML The following represent two examples of XACML 2.0 policies. Which single one of these statements is false: a) An access request from Alice Samson at 14:00 on 01 January 2018 according to the first policy, will failComputer Security Coursework, 2020/2021 Page 11 b) Purpose of the last rule in each of the two policies is to deny any requests that are not covered by the previous permitting rules in each of the two policies c) If the two policies above were combined into one policy set in the order they appear with a policy-combining algorithm “first-applicable”, then the outcome of the request by Alice Samson be at 14:00 on 01 January 2018 to access the “server.acme.co.uk/docsserver” would be accepted when evaluated against the new policy set d) Adding to the AND of the condition a third part with a “anyURI-equal” function applied to an attribute “machine.alice.come” will strengthen the condition by also requiring that Alice’s request arrives from a particular URI address equal to machine.alice.com e) If the effects of rules “Example 2 Rule 1” and “Example 2 Rule 2” in the second policy were changed to “Deny” and the effect of rule “Example 2 Rule 3” was changed to “Permit”, then the outcome of the request from Alice Samson at 14:00 on 01 December 2017 would be permitted f) An access request from Alice Samson at 14:00 on 01 January 2018 according to the second policy, will succeed Explain your answer below
XACML
The following represent two examples of XACML 2.0 policies.
Which single one of these statements is false:
a) An access request from Alice Samson at 14:00 on 01 January 2018 according to the first
policy, will failComputer Security Coursework, 2020/2021 Page 11
b) Purpose of the last rule in each of the two policies is to deny any requests that are not
covered by the previous permitting rules in each of the two policies
c) If the two policies above were combined into one policy set in the order they appear with a
policy-combining
Samson be at 14:00 on 01 January 2018 to access the “server.acme.co.uk/docsserver” would
be accepted when evaluated against the new policy set
d) Adding to the AND of the condition a third part with a “anyURI-equal” function applied to an
attribute “machine.alice.come” will strengthen the condition by also requiring that Alice’s
request arrives from a particular URI address equal to machine.alice.com
e) If the effects of rules “Example 2 Rule 1” and “Example 2 Rule 2” in the second policy were
changed to “Deny” and the effect of rule “Example 2 Rule 3” was changed to “Permit”, then
the outcome of the request from Alice Samson at 14:00 on 01 December 2017 would be
permitted
f) An access request from Alice Samson at 14:00 on 01 January 2018 according to the second
policy, will succeed
Explain your answer below
Trending now
This is a popular solution!
Step by step
Solved in 2 steps