Beruflich Dokumente
Kultur Dokumente
40
BMIS 33243
*******************************************
Revision 1
*******************************************
ID: ________________________
QUESTION 1
Consider the commercial organizations, ABC Ltd., whose research department is engaged in a joint venture
with an external organization, DEF Ltd. There is a need to organized access control for ABC itself, and also to
allow limited access for members of DEF staff to research department files. DEF staff gain access from
terminals in their own research laboratory by means of a communication network. After an audit of the security
arrangements at both sites, ABC have selected a policy to allow DEF limited security administration rights to
control the users who can access ABC.
ABCs system consists of a number of computers connected by a company network. The scenario makes
no assumption about what resources are located on what computer, but requires a global identification scheme
so that all objects may be identified uniquely.
ABC Ltd ABC Ltd
Managing director Managing director
NHMR/Feb 2012
Security PERSONNEL Scientist Support Staff
admin
Revision 1 DSM/BMIS 33243
Diagram 1
(a). Based on the above conventional organization tree depicted in Diagram 1, create an equivalent domain
representation of organization as viewed from ABC.
[8 Marks]
(b). Explain in detail SIX (6) differences between user and mechanism views of object and user and
mechanism views of domains as proposed by Domino project (Moffett & Sloman, 1992).
[12 Marks]
QUESTION 2
Objectives of security within distributed systems can be defined at a number of different levels, from a high-
level objective to a low-level one, with a hierarchy of objectives in between. Each level helps to achieve the
objectives of a higher level.
(a). Primary objective of security correspond to threats (such as disclosure, corruption, loss, denial of service,
impersonation and repudiation).
(i). Identify and explain in detail the THREE (3) primary security objectives which apply to both stored
data and messages in transit.
[9 Marks]
(ii). Identify and explain in detail the other TWO (2) primary security objectives which apply specifically
to communication between users and/or programs.
[6 Marks]
NHMR/Feb 2012
Revision 1 DSM/BMIS 33243
(b). Secondary security objectives provide access control, audit trails and security alarm services. Explain in
detail on how the objectives can be achieved.
[5 Marks]
NHMR/Feb 2012