Online Learning Platform

Information SEcurity > Multilevel Security (MLS) > Assignment

Some Questions:

  1. Explain how the integration of Attribute-Based Access Control (ABAC) with Multi-Level Security (MLS) enhances traditional clearance-based models.
  2. Consider a system where users from different departments (e.g., HR, Finance, Legal) have overlapping but distinct data access needs. How would you design a hybrid MLS+ABAC policy to ensure both confidentiality and operational flexibility without over-provisioning access?
  3. A user with Secret clearance attempts to collaborate on a project involving Top Secret data. Propose a secure mediation approach that allows partial collaboration without violating MLS policies. Discuss trade-offs.
  4. What are the potential insider threats when users with different clearances interact in an MLS environment? How can compartmentalization and audit mechanisms mitigate these risks?
  5. Critically evaluate the Bell-LaPadula model’s effectiveness in modern enterprise systems where data sharing and collaboration across levels is often necessary. What mechanisms would you add to support secure write operations without compromising confidentiality?
  6. Design a secure architecture for an industrial control system using the Biba model. How would you handle external sensor data, which may come from untrusted sources, while maintaining system integrity?
  7. Compare the effectiveness of Biba vs. Bell-LaPadula in a healthcare records management system. Which model—or combination—would better protect against both data leaks and unauthorized modifications? Justify.
  8. Explain how inference attacks can occur even when direct access to sensitive data is restricted. Provide an example using statistical queries and discuss how aggregation thresholds can mitigate this threat.
  9. Design a query auditing system for a public health database that detects and blocks inference attempts while allowing legitimate research queries. What criteria would you use to flag suspicious query patterns?
  10. How can inference control be applied in recommender systems without compromising user privacy or system accuracy? Illustrate with a real-world scenario (e.g., Netflix, Amazon).
  11. Differentiate between physical and logical integrity in database systems. In what scenarios might logical integrity be compromised even if physical integrity remains intact? Provide real-world examples.
  12. You are responsible for data center operations in a financial institution. Outline your strategy for ensuring physical integrity in the face of power outages, natural disasters, and hardware failures.
  13. A file stored in a shared cloud drive has a hash value mismatch during retrieval. List potential causes and suggest verification methods to determine whether the issue was due to accidental corruption or intentional tampering.
  14. Compare the role of cryptographic hash functions vs. digital signatures in verifying data authenticity and non-repudiation. How can these be combined in secure messaging protocols?
  15. Explain how digital signatures can be used in blockchain systems to verify transaction authenticity and ensure integrity across distributed nodes. What are the potential vulnerabilities if the private key is compromised?
  16. You’re tasked with securing an e-commerce platform’s transaction records. Propose a layered integrity control plan using access control, hashing, digital signatures, and anomaly detection.
Prev
Tools and policies

No More

Feedback
ABOUT

Statlearner


Statlearner STUDY

Statlearner