CSci530/Neuman -- Assignment #2 -- Fall 2007

Computer Science 530 - Homework 2 -- Fall 2007

Due: Wednesday, October 10, 2007, 11:00 p.m.

Instructions for submitting the homework appear at the end of the assignment.

Explain the difference between an access control list and a capability list using as examples, devices for controlling access to doors (keys, card keys, and armed guards). What would be the benefits of each approach, and the drawbacks. In each case, is there authentication, and if so how? What corresponds to the subject entry of the matrix, the object entry, and the rights.
What are the benfits of mandatory access controls such as those described by the Bell-Lapadula model, as compared with discretionary controls like those supported in most unix filesystems? Give examples where mandatory access controls are useful in end-user systems today.

INSTRUCTION:

The report must be submitted by 11:00 p.m. on October 10, 2007. The report should be approximately 3 pages, or roughly 1200 to 1500 words. To submit your report you will use the DEN Blackboard assignent submission mechanism. You will use this method regardless of whether you are an on-campus student or a DEN student.

How to submit Assignment #2:

STEP 1. Please login to DEN.USC.EDU, and select csci530.
STEP 2. Please select "Assignment" in the menu.
STEP 3. Please select "view/Complete Assignment #2".
STEP 4. Please select "File To Attach" to attach your report. (NOTE: PDF, MS WORD, ASCII TEXT ONLY! Other formats are NOT acceptable.)
STEP 5. Please select "Submit" button. (If you select *SAVE* button instead of *submit*, then the TA cannot view your report for grading.)

It is the individual student's responsibility to follow the submission instruction. Submissions that do not follow this instructions, e.g., submitted late, or only "Saved" and not submitted. may be penalized or may not be graded at all. Note that the submission box for the assignment may dissapear from the class web site at 11PM on October 10, i.e. the submission deadline.

GUIDELINE:

This is a lot to cover in so few words - so our advice is to write a first pass at your answer that is longer, and then edit out material that is redundant or not to the point. The use of tables can be very effective in conveying your ideas in a small area, but the tables must be integrated with your textual discussion, and not the only item in your submission.