Principles of Security Models, Design, and Capabilities Exam with Complete Solutions

Confinement (or confinement property) - ANSWER-The principle that allows a process to read from and write to certain memory locations and resources only. This is an alternate name for the * (star) Security Property of the Bell-LaPadula model. Bounds - ANSWER-The limits to the memory and resources a process can access. Isolation - ANSWER-A concept that ensures that any behavior will affect only the memory and resources associated with the process. Control - ANSWER-The use of access rules or countermeasures to limit a subject's access to an object. Trusted System - ANSWER-A secured computer system. Assurance - ANSWER-The degree of confidence that security needs are satisfied. Assurance must be continually maintained, updated, and reverified. Security Token - ANSWER-a separate object that is associated with a resource and describes its security attributes Capabilities list - ANSWER-Each row of an access control matrix is a capability list. A capability list is tied to the subject; it lists valid actions that can be taken on each object. Trusted Computing Base (TCB) - ANSWER-The combination of hardware, software, and controls that form a trusted base that enforces your security policy. Security Perimeter - ANSWER-The imaginary boundary that separates the trusted computing base from the rest of the system Trusted Path - ANSWER-Secure channel used by the TCB to communicate with the rest of the system. Reference Monitor - ANSWER-A portion of the security kernel that validates user requests against the system's access control mechanisms. Security Kernel - ANSWER-The core set of operating system services that handles all user/application requests for access to system resources.