Homework 5 - Project Milestone, Assurance and Malicious Logic
Due: Friday May 25, 2012 at midnight
Part 1 - Project Milestone (10 points)
Provide an outline of your project paper. The outline should describe the
main sections of your paper and relevant subsections. A typical Computer
Science survey paper will contain at least the following main sections:
- Introduction
- Survey of Prior Work
- Conclusions
A typical Computer Science research paper on the other hand will have the
following main sections:
- Introduction
- Prior Work
- Setup/Methodology
- Results
- Conclusions
- Future Work
You should flesh out each of these basic outlines (choose either the survey
outline or the research outline based on what you are doing for your project)
with more details about the subsections of each section. For example, the
"Prior Work" section would have one subsection per reference, so you would
list each reference you've gathered under that section.
Part 2 - Questions (10 points)
- Describe the difference between validation and verification.
- What are the advantages and disadvantages that an operating system vendor
might consider when deciding whether or not to undergo the formal
evaluation process?
- Could capabilities be used to limit the damage a Trojan horse can do?
Consider how capabilities differ from access control lists in your
response.
- How could confinement be used to limit the damage a Trojan horse can do?
- Consider a system which implements Bell LaPadula for unclassified,
classified and secret levels. Could a macro virus first introduced
in an unclassfied document infect documents at the secret level?
Why or why not?