Access Control Models


CSC 437 Computer Security
Instructor: Dr. Natarajan Meghanathan
Question Bank for Module 4: Access Control Models

1) Differentiate between authentication and access control.
2) Briefly explain the three major access control models that we discussed in class.
3) Briefly explain some of the major requirements (at least 4) for access control.
4) What are the three basic elements (entities) involved in access control? Briefly explain them.
5) What are the pros and cons of Access Control Lists and Capability Lists?
6) Explain the concept of SetUserID and SetGroupID in the UNIX OS. In what context are they used?
7) What is the purpose of setting each of these bits for a directory: read bit, write bit, execute bit?
8) What is the purpose of setting a "sticky" bit for a file and for a directory?
9) Consider a file M.txt. What would be the command and the corresponding options/parameters you would pass to have this file be readable by all users (including the owner and his group), writeable only by the owner, and executable by the owner and group?
10) Suppose there exists an executable file N.exe that is owned by the root. How would you set up the permissions for this file so that a regular user and the group to which s/he belongs can also execute the file with the same privileges that the root has?
11) Among the three access control models we saw in the course, which model is more scalable (i.e., applicable for a system with a larger number of users) and why?
12) Differentiate between Core RBAC, Hierarchical RBAC and Constrained RBAC.
13) Compare the following in the context of RBAC:
    a. Static Separation of Duties vs. Dynamic Separation of Duties.
    b. User Inheritance vs. Permission Inheritance vs. Activation Inheritance.