Computer Science 530 - Assignment #2 -- Fall 2020

Due: Wednesday, October 14, 2020, 11:00 p.m.

  1. Explain the difference between an access control list and a capability list using as examples, devices for controlling access to doors (keys, card keys, and armed guards). What would be the benefits of each approach, and the drawbacks. In each case, is there authentication, and if so how? What corresponds to the subject entry of the matrix, the object entry, and the rights.
  2. What are the benfits of mandatory access controls such as those described by the Bell-Lapadula model, as compared with discretionary controls like those supported in most unix filesystems? Give examples where mandatory access controls are useful in end-user systems today.

INSTRUCTION:

The report must be submitted by 11:00 p.m. on Wednesday October 14, 2020. The report should be approximately 3 pages, or roughly 1200 to 1500 words. To submit your report you will use the USC DEN D2L Assignment Dropbox for CSci530 Fall Semester 2020. Please be sure to include your name and USC ID number in the body of the assignment (i.e. within the Word, PDF, or Text File).

For the three reading reports in this course (of which this is one), students may receive an automatic extension of 48 hours total that may be applied across the three homework assignments. If you turn in one of your assignments 8 hours late, then you will only have 40 hours remaining in extensions to use on subsequent assignments. I suggest not using the whole 48 hours on the first assignment, because if you have an unforseen scheduling issue that arises later in the semester, it will be your problem. Late assignments (beyond any extension) will be assesed 1 full letter penalty per day they are late, and if the topic of an assignment is covered in the lecture following the due date, then the assignment will not be accepted beyond that lecture.

GUIDELINE:

This is a lot to cover in so few words - so our advice is to write a first pass at your answer that is longer, and then edit out material that is redundant or not to the point. The use of tables can be very effective in conveying your ideas in a small area, but the tables must be integrated with your textual discussion, and not the only item in your submission.