Assignment 5, due Mar 4

Part of the homework for 22C:169, Spring 2005
by Douglas W. Jones
THE UNIVERSITY OF IOWA Department of Computer Science

Always, on every assignment, please write your name legibly as it appears on your University ID and on the class list! All assignments will be due at the start of class on the day indicated, and unless there is what insurance companies call "an act of God" - something outside your control; the only exceptions to this rule will be by advance arrangement.

For those taking the course by video link, assignments may be submitted electronically by E-mail to Rajiv Raman. Please do not use obscure attachment formats! Plaintext E-mail is preferred to HTML, Word, RTF or other even more obscure formats!

  1. From chapter 3, do exercise 14, but then note: This is an authentication problem, taken from a new perspective. So, having answered the question, explain the relevance of the result to the problem of authenticating legitimate users. (0.5)

  2. From chapter 4, do problem 6, but know that the answer is yes, so explain, in some detail, how this is so. (0.5)

  3. From chapter 4, do problem 11, and then think about the relative speed of instruction execution by the central processor versus the speed of fast input/output devices. Is address translation really so time consuming? (0.5)

  4. A very common objection to capability-based addressing is the difficulty of revoking access to an object once a capability for that object has been given to a process. (Question 15 from chapter 4 is related to this.) One argument is that revocation is unnecessary. If you give a process access to an object, even briefly, it could copy the object, so what good is revocation?

    a) Given that process A with access to an object could copy it, why might some other users of that object, processes B and C, want to revoke A's access? (0.5)

    b) Suppose you are writing code in a sysstem that did not permit access to an object to be revoked after it had been granted. Given the situation outlined above, what should B and C do if encountered the situation you identified in part a above? (0.5)

  5. Given that a decision has been made to use a smart-card based authentication system, what constraints would you place on the authentication protocol in order to assure that it is resistant to forgery and to evesdropping? (0.5)

  6. Do problem 5 of chapter 5. (0.5)

  7. Under the Unix file system, explain how a file can end up so that the processes that can attempt to open the file are unable to access the file's contents, while the process that owns the file (and is billed for the storage requirements of the file) is unable to delete it or change the access rights. Problems 10 and 16 of chapter 5 are relevant to this. (0.5)

  8. Do problem 11 of chapter 5. (0.5)

  9. Do problem 14 of chapter 5. (0.5)