UNIVERSITY OF ZIMBABWE

Faculty: Computer Engineering Informatics and

Communications
Department: Computer Science
Name: Lee Tabulo
Reg Num: R216979M
Program Code: HCS
Course Code: HCS412
Assignment 2: Access Controls

1. Discretionary Access Control (DAC) is an access control mechanism wherein the resource owner
determines both the access permissions and the actions that can be performed on the resource. In
 the context of DAC, the owner has the authority to define access levels and restrictions based on
user identities rather than predefined levels. Consequently, user access is granted based on their
individual identities rather than assigned levels.

Mandatory Access Control (MAC) is an access control mechanism where access decisions are
made according to a predefined set of rules or policies established by a system administrator.
Within a MAC system, the administrator assigns access permissions to individual users or groups
based on their respective security clearance levels.
The system solely governs access, and resource restrictions are enforced based on the clearance
levels of the entities involved. Consequently, user access is restricted in accordance with their
authority and hierarchical position.
2.

accounts cv.txt exam solutions accounting

Alice R R, W R R
Bob R R R R
Charlie R R R R R, W

Alice can only write to cv.txt, but she can read anything.
Bob can read all objects but cannot write any.
Charlie can read and write to accounting and accounts and read all other objects.

3. i) Group 1 is the first pertinent entry since Alice belongs to Group 1. Alice only has read access
to File 1, and Group 1 can only read File 1.

ii) Alice belongs to both Groups 1 and 2. Alice can write to File 1, just as Group 2 can read
and write to it.

iii) The file's access control list could be formatted as follows:

• File 2: Alice, Group 2, RWE, None

4. 4. The least privilege principle promotes giving users the minimal amount of access required to
carry out their duties. To follow this guideline, it is necessary to pinpoint the duties connected to
a user's position, determine the minimal level of access necessary to perform those duties, and
confine the user to a domain that accurately includes those rights and no additional ones. By
denying subjects access to transactions that are not essential for their job functions, any restricted
privileges are effectively prevented from being exploited to bypass the organization's security
policy.

5. Capability lists document the specific rights that each principal possesses regarding the listed
resources. But one major problem with capability lists is that they can make changing a resource's
status difficult because it can be difficult to figure out which people have been authorized to
access it. This issue becomes particularly pronounced when, for example, one needs to alter the
status of a program to prevent any user from executing it. Similarly, changing the status of a file
 can pose difficulties, especially when investigating an incident or gathering evidence related to a
crime.

6. Attribute certificates are intricately linked to public key certificates. Essentially, attribute
certification serves as an extension of Public Key Infrastructure (PKI) that enables the support of
authorization-related tasks alongside authentication. Attribute certificates offer a means to verify
the association between specific attributes and a designated subject.

7.

File Owner Group Others

r w e r w e r w e
Prog1 1 1 1 1 0 1 1 0 0
Data1 1 1 1 1 0 0 0 0 0

Prog1 can be read, written, and executed by its group as well as by its owner. It is also
readable by other users.

While its owner and group can read, write, and execute Data1, other users are unable to do
anything with it.

Advantages
 They are very simple.
 They are efficient because they have no lists to search. Access privileges are
recorded directly with the related objects.

Disadvantages
• Because they grant a fixed set of rights to a fixed group of subjects, they
are incredibly rigid.

8. i) Increasing the classification of an object does not contravene the principles of the Bell-
Lapadula model, as this model relies on the subject's clearance level and the classification
assigned to the object. Consequently, if the object is appropriately classified, all the properties of
the model will remain intact. Therefore, elevating the classification of the object solely alters the
set of individuals authorized to read from and write to that object, without violating the star and
simple properties. In essence, a subject cannot read an object with a higher clearance level than
their own, and an item having a lower clearance level than the subject's own cannot be written to.

ii) Augmenting the integrity level of an object does not violate the principles of Biba's Strict
Integrity model. On the contrary, it aligns with the model's objective of preventing
information compromise by prohibiting access at a lower integrity level.