All grades on Midterm Exam 2:

100 99 97 97 96 90 87 84 82 78 75 71 63 63 58 57 54 52 48 45 32 22

Answers to CS 426 Midterm Exam 2, Spring, 2008

1.
a. 19
b. 28
c. 10
d. 24
e. 17
f. 36
g. 9
h. 22
i. 5
j. 30

2.
a. Divide responsibility for a critical task among several people, even though any one of them could perform the whole task, to reduce the possibility of abuse.
b. Access to a critical object should depend on at least two conditions, so that the object will still be protected if one condition fails.
c. Each user/process should run with the fewest privileges needed to do its job.
d. Avoid shared objects unless really needed. Use logical or physical separation instead. (Shared objects may be used as covert channels.)

3. C1 C2 B1 B3 A1

4. Object reuse protection is the thorough erasing of memory (disk, tape, main) after one process finishes with it and before another process uses it. This adds assurance because it prevents the second process from reading secrets stored temporarily by the first process. Expensive machines can sometimes read magnetic media that has been erased by writing over it only a few times.

5. Audit log reduction is the periodic search of the current log looking for anomalies. Parts of the log that are clearly not evidence of an anomaly are deleted, reducing the size of the log, which may be huge. This regular automatic search for anomalies increases trust in the operating system because intrusion and other anomalies are likely to be detected quickly. Furthermore, the reduced size of the log makes it easier to find anomalies whose evidence is widely spaced in the log.

6.
s create tg for new object y
s grant g for y to p
p grant r for x to y
s take r for x from y