Name: Rosales, Mikole Ken V.

Exercise 1: Access Control Matrix

Juan can read FileA, can append to FileB, and can write to FileC. Pedro can append to FileA, can write to
FileB, and cannot access FileC.

1. Write the access control matrix M that specifies the described set of access rights for subjects
Juan and Pedro to objects FileA, FileB and FileC

FileA FileB FileC

Juan {read) {append} {write}
Pedro {append} {write} {}

Exercise 2: Access Control Lists and Capability Lists

1. What are the basic differences between access control lists (ACL) and capability lists (CLists)?
-The basic differences between the two is that access control lists are object-focused which
explains that for each object there is a list of subjects. On the contrary, capability lists are
opposite to the control lists since CLists are subject-focused which explains that for each
subject there is a list of objects. When using ACL, one would have to enumerate through the ACL
for each file in the set and delete the user from the file’s ACL. On the other hand, using CList,
one would directly get the user’s CList. ACLs require accessing and updating multiple ACLs.
CLists require accessing and updating one CList.

2. Write a set of access control lists for the situation given in exercise 1.
- ACL(FileA)= Juan: {read}, Pedro: {append}
- ACL(FileB)= Juan: {append}, Pedro: {write}
- ACL(FileC)= Juan: {write}, Pedro: {}

3. Write a set of capability lists for the situation given in exercise 1.

- CList(Juan)= FileA: {read}, FileB: {append}, FileC: {write}

- CList(Pedro)= FileA: {append}, FileB: {write}, FileC: {}

Exercise 3: Bell-LaPadula Model

Given the access rights defined in exercise 1,

the subject’s security levels are

LJuan = Confidential and

LPedro = Secret

the object’s security levels are

LFileA = Unclassified,

LFileB = Secret,

LFileC = Top Secret.

Top Secret > Secret > Confidential > Unclassified

 1. Which of the following actions are allowed? Explain and justify your answer.
A. Juan reads FileA
- Based on ACM
Condition: read elements M(Juan, FileA) -> /
- Security Levels
LJuan = Confidential, LFileA = Unclassified
Condition: LJuan >= LFileA -> /

Grant Access: Juan is allowed to read FileA

B. Juan reads FileB

- Based on ACM
Condition: read elements M(Juan, FileB) -> X
- Security Levels
LJuan = Confidential, LFileB = Secret
Condition: LJuan >= LFileB -> X

Access Denied: Juan is not allowed to read FileB

C. Pedro appends to FileA

- Based on ACM
Condition: append elements M(Pedro, FileA) -> /
- Security Levels
LPedro = Secret, LFileA = Unclassified
Condition: LPedro >= LFileA -> X

Access Denied: Pedro is not allowed to append FileA

D. Pedro appends to FileC

- Based on ACM
Condition: append elements M(Pedro, FileC) -> X
- Security Levels
LPedro = Secret, LFileC = Top Secret
Condition: LPedro <= LFileA -> /

Access Denied: Pedro is not allowed to append FileC

Exercise 4: Role-Based Access Control

1. Draw the role-based access diagram for this scenario

Objects are bank accounts

Subjects are bank employees

The set of bank accounts forms a data type

We define roles

– Teller

– Clerk

– Administrator

We define procedures for

– Crediting accounts (CA)

 – Debiting accounts (DA)

– Transferring funds between accounts (TF)

– Creating new accounts (NA)

We assign procedure

– CA and DA to the Teller role

– TF to the Clerk role

– NA to the Administrator role

– The Administrator role can run all the procedures