[Cisspstudy] cisspstudy Digest, Vol 15, Issue 17
TEC
twayde86 at hotmail.com
Tue Sep 15 12:07:57 EDT 2009
Let me clarify.
Would the strong star property rule also prevent the smart APFEL worker from
reading the top secret information?
If so, is the answer "Strong *-Property and Polyinstantiation" also correct?
Sarchasm -: The gulf between the author of sarcastic wit and the person who
doesn't get it
> Today's Topics:
>
> 1. Re: strong star property rule (gerritsjs)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 14 Sep 2009 19:25:46 -0700
> From: "gerritsjs" <gerritsjs at gmail.com>
> To: "'The CISSP Study Mailing list'" <cisspstudy at cccure.org>
> Subject: Re: [Cisspstudy] strong star property rule
> Message-ID: <4aaefb2c.0e35640a.76d2.5784 at mx.google.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Your third paragraph is misleading.
>
> jg
>
>
>
> _____
>
> From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
> On Behalf Of TEC
> Sent: Monday, September 14, 2009 7:09 AM
> To: cisspstudy at cccure.org
> Subject: [Cisspstudy] strong star property rule
>
>
>
> Shon Harris 4th edition states
>
> "The third rule, the strong star property rule, states that a subject that
> has read and write capabilities can only perform those functions at the same
> security level, nothing higher and nothing lower. So, for a subject to be
> able to read and write to an object, the clearance and classification must
> be equal."
>
> The answer to the below question is "Simple Security Property and
> Polyinstantiation" saying that Strong *-Property and Polyinstantiation is
> Half-right. The strong *-property limits a subject of a given clearance to
> writing only to objects with a matching classification. APFEL's attempt to
> insert an unclassified record was consistent with this property, but that
> has nothing to do with preventing APFEL from reading top secret
> information.
>
> However, if Shon is correct, the strong star property rule would prevent
> the subject from reading the top secret information?
>
> Tec
>
> For competitive reasons, the customers of a large shipping company called
> the "Integrated International Secure Shipping Containers Corporation"
> (IISSCC) like to keep private the various cargos that they ship. IISSCC uses
> a secure database system based on the Bell-LaPadula access control model to
> keep this information private. Different information in this database is
> classified at different levels. For example, the time and date a ship
> departs is labeled Unclassified, so customers can estimate when their cargos
> will arrive, but the contents of all shipping containers on the ship are
> labeled Top Secret to keep different shippers from viewing each other's
> cargos.
>
> An unscrupulous fruit shipper, the "Association of Private Fruit Exporters,
> Limited" (APFEL) wants to learn whether or not a competitor, the "Fruit Is
> Good Corporation" (FIGCO), is shipping pineapples on the ship "S.S. Cruise
> Pacific" (S.S. CP). APFEL can't simply read the top secret contents in the
> IISSCC database because of the access model. A smart APFEL worker, however,
> attempts to insert a false, unclassified record in the database that says
> that FIGCO is shipping pineapples on the S.S. CP, reasoning that if there is
> already a FIGCO-pineapple-SSCP record then the insertion attempt will fail.
> But the attempt does not fail, so APFEL can't be sure whether or not FIGCO
> is shipping pineapples on the S.S. CP.
>
> What is the name of the access control model property that prevented APFEL
> from reading FIGCO's cargo information? What is a secure database technique
> that could explain why, when the insertion attempt succeeded, APFEL was
> still unsure whether or not FIGCO was shipping pineapples?
>
> * *-Property and Polymorphism
> * Strong *-Property and Polyinstantiation
> * Simple Security Property and Polymorphism
> * Simple Security Property and Polyinstantiation
>
> The correct answer is:
>
> Simple Security Property and Polyinstantiation
>
> The Simple Security Property states that a subject at a given clearance may
> not read an object at a higher classification, so unclassified APFEL could
> not read FIGCO's top secret cargo information.
>
> Polyinstantiation permits a database to have two records that are identical
> except for their classifications (i.e., the primary key includes the
> classification). Thus, APFEL's new unclassified record did not collide with
> the real, top secret record, so APFEL was not able to learn about FIGCO's
> pineapples.
>
> The following answers are incorrect:
>
> *-Property and Polymorphism
>
> The *-property states that a subject at a given clearance must not write to
> any object at a lower classification, which is irrelevant here because APFEL
> was trying to read data with a higher classification.
>
> Polymorphism is a term that can refer to, among other things, viruses that
> can change their code to better hide from anti-virus programs or to objects
> of different types in an object-oriented program that are related by a
> common superclass and can, therefore, respond to a common set of methods in
> different ways. That's also irrelevant to this question.
>
> Strong *-Property and Polyinstantiation
>
> Half-right. The strong *-property limits a subject of a given clearance to
> writing only to objects with a matching classification. APFEL's attempt to
> insert an unclassified record was consistent with this property, but that
> has nothing to do with preventing APFEL from reading top secret
> information.
>
> Simple Security Property and Polymorphism
>
> Also half-right. See above for why Polymorphism is wrong.
>
>
> The following reference(s) were/was used to create this question:
>
> HARRIS, Shon, CISSP All-in-one Exam Guide, Third Edition,
> McGraw-Hill/Osborne, 2005
>
> Chapter 5: Security Models and Architecture (page 280)
> Chapter 11: Application and System Development (page 828)
>
> Question contributed by: Mark Heckman
> Email or CCCure Nickname of question author: mrheckman
> Question reviewed by: Clement Dupuis
> Question comment submitted by:
>
> Comment:
>
> You could see wordy scenario questions like this on the CISSP exam. They
> require reasoning, application of general security concepts to a specific
> situation, and the ability to filter out extraneous information. The keys to
> this question are as follows:
>
> 1) That Bell-LaPadula is the access control model and that a low-clearance
> subject could not read a high-classification object. That leaves only Simple
> Security Property as an option.
>
> 2) That an insertion of a low-classification record in a database did not
> conflict with a record at a high classification. The only concept that
> describes this situation is Polyinstantiation.
>
>
>
> Sarchasm -: The gulf between the author of sarcastic wit and the person
> who
> doesn't get it
>
> >
> End of cisspstudy Digest, Vol 15, Issue 17
> ******************************************
>
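
Added example, not part of the original thread or the quoted quiz: a minimal Python model of the three Bell-LaPadula rules as worded in the messages above, and a table with and without polyinstantiation, replaying APFEL's insert probe. The level values, the Table class, apfel_probe and the record strings are constructed for illustration.

```python
from enum import IntEnum

class Level(IntEnum):  # constructed two-level lattice for the scenario
    UNCLASSIFIED = 0
    TOP_SECRET = 3

def simple_security(subject, obj):
    """No read up: subject may read only at or below its clearance."""
    return subject >= obj

def star_property(subject, obj):
    """No write down: subject may write only at or above its clearance."""
    return subject <= obj

def strong_star(subject, obj):
    """Read and write only where clearance equals classification."""
    return subject == obj

class Table:
    """Hypothetical labelled table; rows map primary key -> (level, value)."""
    def __init__(self, polyinstantiated):
        self.poly = polyinstantiated
        self.rows = {}

    def insert(self, subject, key, value):
        # New rows are labelled at the writer's own level.
        # With polyinstantiation the classification is part of the primary key.
        pk = (key, subject) if self.poly else (key,)
        if pk in self.rows:
            return False  # duplicate-key error visible to the writer
        self.rows[pk] = (subject, value)
        return True

    def select(self, subject, key):
        # Reads are filtered by the simple security property.
        return [v for pk, (lvl, v) in self.rows.items()
                if pk[0] == key and simple_security(subject, lvl)]

KEY = ("FIGCO", "pineapples", "S.S. CP")

def apfel_probe(polyinstantiated):
    """Return (insert succeeded?, rows APFEL can read afterwards)."""
    t = Table(polyinstantiated)
    t.insert(Level.TOP_SECRET, KEY, "real cargo record")  # constructed data
    ok = t.insert(Level.UNCLASSIFIED, KEY, "false record")
    return ok, t.select(Level.UNCLASSIFIED, KEY)

if __name__ == "__main__":
    print(apfel_probe(True), apfel_probe(False))
```

Without polyinstantiation the failed insert reveals that a higher-level record exists even though every read is denied; with it, the insert succeeds and the unclassified view contains only the false record.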