4:
The principle of least privilege (PoLP) is a security concept that advocates granting users and
entities only the minimum level of access and permissions necessary to carry out their legitimate
tasks. It is based on the idea that users and systems should be restricted to
accessing only the resources and information that are essential for their specific roles and functions,
while being prevented from accessing anything unnecessary or sensitive. The key aspects of the
principle of least privilege are the following: minimum necessary access; role-based access control
(RBAC); need-to-know basis; principle of minimalism; and privilege separation.
5:
In the capability list model, each user or entity is assigned a list of capabilities, which are essentially
tokens or references that grant access to specific resources or operations. These capabilities
represent the user's authority to perform certain actions or access certain resources within the
system.

In the access control matrix model, access rights are represented using a matrix-like
structure that specifies the permissions or access levels for each user or entity on each resource. The
matrix consists of rows representing users and columns representing resources, with each entry
indicating the access rights of that user on that resource. Access control matrices can be implemented using
different techniques, such as access control lists (ACLs) or capabilities, to define the entries and
manage the access rights. The matrix can be stored centrally or distributed across multiple systems,
depending on the architecture and requirements of the system. When a user requests access to a
resource, the system checks the corresponding entry in the access control matrix to determine if the
requested access is allowed. If the user's access rights match or exceed the required level of access,
the system grants permission; otherwise, the request is denied. Access control matrices provide a
flexible and comprehensive representation of access control, as they can handle complex access
scenarios involving multiple users and resources. However, managing and enforcing access control
matrices can become complex and resource-intensive as the system scales.
The main problem associated with the use of capability lists is the challenge of securely managing
and distributing capabilities. This is caused by capability leakage, capability
inheritance, capability revocation, and capability management and administration.
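The matrix check described above, and the revocation problem named for capability lists, can be seen in one added example (not part of the original answer; the user names, resource names and rights are constructed). It stores the matrix once, derives the ACL (column) and capability-list (row) views, and counts how many lists each view has to examine to revoke one right on one resource.

```python
from collections import defaultdict

# Constructed sample matrix: rows are users, columns are resources,
# each entry is the set of rights that user holds on that resource.
MATRIX = {
    ("alice", "payroll.db"): {"read", "write"},
    ("bob", "payroll.db"): {"read"},
    ("bob", "build.log"): {"read", "write"},
    ("carol", "build.log"): {"read"},
}

def check(matrix, user, resource, right):
    """Look up the matrix entry; a missing entry means the request is denied."""
    return right in matrix.get((user, resource), set())

def acls(matrix):
    """Column view: one list per resource, naming each user and their rights."""
    out = defaultdict(dict)
    for (user, resource), rights in matrix.items():
        out[resource][user] = set(rights)
    return dict(out)

def capability_lists(matrix):
    """Row view: one list per user, holding a token per resource."""
    out = defaultdict(dict)
    for (user, resource), rights in matrix.items():
        out[user][resource] = set(rights)
    return dict(out)

def revoke_via_acl(acl_store, resource, right):
    """Revoke a right for everyone: only the resource's own ACL is examined."""
    modified = 0
    for rights in acl_store[resource].values():
        if right in rights:
            rights.discard(right)
            modified += 1
    return 1, modified  # (lists examined, entries changed)

def revoke_via_capabilities(cap_store, resource, right):
    """Same revocation on capability lists: every user's list must be examined."""
    examined = modified = 0
    for caps in cap_store.values():
        examined += 1
        if right in caps.get(resource, set()):
            caps[resource].discard(right)
            modified += 1
    return examined, modified
```

With capabilities distributed across systems rather than held in one store, the scan in `revoke_via_capabilities` has no single place to run, which is where revocation becomes a management problem.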
8:
Raising the security level of an object in the Bell and LaPadula (BLP) model does not violate either
of the BLP properties. The two BLP properties are:
a. Simple Security Property (No Read Up): This property states that a subject at a certain security
level (e.g., low) should not be allowed to read information from an object at a higher security level
(e.g., high). Raising the security level of an object does not violate this property because the
information flow is still restricted from high to low. Subjects at a lower security level would still be
prevented from reading information from the object at the higher security level.
b. *-Property (No Write Down): This property states that a subject at a certain security level should
not be allowed to write (modify) information to an object at a lower security level. Raising the
security level of an object does not violate this property either because the integrity of the object is
preserved. Subjects at a higher security level can still write to the object, but they cannot write
down to a lower security level.
In both cases, raising the security level of an object maintains the information flow and access
restrictions as specified by the BLP model.
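The two BLP rules above can be evaluated before and after an object's level is raised, as in this added example (not part of the original answer; the three level names and their linear order are assumptions). It lists which subject/action decisions change when the object moves to a higher level.

```python
# Assumed linear ordering of security levels for this example.
LEVELS = {"low": 0, "medium": 1, "high": 2}
ACTIONS = ("read", "write")

def blp_allows(subject_level, object_level, action):
    """Apply the two BLP properties to a single access request."""
    s, o = LEVELS[subject_level], LEVELS[object_level]
    if action == "read":    # simple security property: no read up
        return s >= o
    if action == "write":   # *-property: no write down
        return s <= o
    raise ValueError(f"unknown action: {action}")

def decisions(object_level):
    """Decision for every (subject level, action) pair on one object."""
    return {(s, a): blp_allows(s, object_level, a)
            for s in LEVELS for a in ACTIONS}

def effect_of_raising(old_level, new_level):
    """Return (lost, gained) accesses when the object's level is raised."""
    if LEVELS[new_level] <= LEVELS[old_level]:
        raise ValueError("new level must be higher than the old level")
    before, after = decisions(old_level), decisions(new_level)
    lost = sorted(k for k in before if before[k] and not after[k])
    gained = sorted(k for k in before if not before[k] and after[k])
    return lost, gained

if __name__ == "__main__":
    lost, gained = effect_of_raising("medium", "high")
    print("no longer permitted:", lost)
    print("newly permitted:   ", gained)
```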
Raising the integrity level of an object in Biba's Strict Integrity model can potentially violate the
principles of the model. Biba's Strict Integrity model focuses on maintaining the integrity of data
and preventing unauthorized modification. The key principles of Biba's model are:
a. Simple Integrity Property (No Read Down): This property states that a subject at a certain
integrity level should not be allowed to read information from an object at a lower integrity level.
Raising the integrity level of an object does not violate this property because the information flow is
still restricted from low integrity to high integrity. Subjects at a lower integrity level would still be
prevented from reading information from an object at a higher integrity level.
b. *-Property (No Write Up): This property states that a subject at a certain integrity level should
not be allowed to write (modify) information to an object at a higher integrity level. Raising the
integrity level of an object does not violate this property either because the higher integrity level is
maintained. Subjects at a lower integrity level can still write to the object, but they cannot write up
to a higher integrity level.
Raising the integrity level of an object aligns with the principles of Biba's Strict Integrity model by
preserving the integrity of the data and preventing unauthorized modification.