1answer.
Ask question
Login Signup
Ask question
All categories
  • English
  • Mathematics
  • Social Studies
  • Business
  • History
  • Health
  • Geography
  • Biology
  • Physics
  • Chemistry
  • Computers and Technology
  • Arts
  • World Languages
  • Spanish
  • French
  • German
  • Advanced Placement (AP)
  • SAT
  • Medicine
  • Law
  • Engineering
Fed [463]
3 years ago
5

You work in a classified environment where Bell LaPadula MLS (Multilevel Security) model is employed. Your clearance is "SECRET"

(on a scale TOP SECRET > SECRET > CLASSIFIED > UNCLASSIFIED). Your company is furnished with a shared and synchronized cloud drive, where: >>A user, any clearance, can send a document, accessible by any computer in the same network, no matter the clearance. >>The document can be printed by any employees, using a computer with the right clearance. >>All the computers connected to the same network can see the documents in the drive. >>The user's computer clearance is the same as the user's clearance. >>The document is added to the print queue of the station without any delay. >>The classification of the document to print is the same as the clearance of the computer used to upload it. Please, describe a potential covert channel to disclose SECRET documents to someone with CLASSIFIED clearance. PROBLEM: If you print SECRET documents, you go directly to jail, without passing GO. The system, in fact, checks any document added to the drive. If documents with clearance higher than UNCLASSIFIED are printed, it raises an alarm.
Computers and Technology
1 answer:
kumpel [21]3 years ago
7 0

Answer:

The answer is by using a covert channel like shared memory objects such as files, directories,messages, etc since both  the user and the sender of the document are on same network of the company.

Explanation:

The Bell LaPadula MultiLevel Security model was a security policy developed by Bell and LaPadula in 1973 in response to a security issue raised by the US Air Force regarding file-sharing mainframe computers . Actually, many people with networked systems have realized by early 1970s that the protection purportedly offered by many commercial operating systems was poor, and wa not getting better any time soon. This was observed when it was noticed that as one operating system error was fixed, some other vulnerability would be discovered. There was also the constant worry that various unskilled users would discover loopholes in the operating system during usage and use them to their own advantage.

 Information release may take place via shared memory objects such as files, directories, messages, and so on. Thus, a Trojan Horse acting on behalf of a user could release user-private information using legitimate operating system requests. Although developers can build various mechanisms within an operating system to restrict the activity of programs (and Trojan Horses) operating on behalf of a user  , there is no general way, short of implementing nondiscretionary policy models, to restrict the activity of such programs. Thus, given that discretionary models cannot prevent the release of sensitive information through legitimate program activity, it is not meaningful to consider how these programs might release information illicitly by using covert channels.

For example, for someone with higher integrity level (SECRET) to send an accounts payable application to a user, if the untrusted accounts payable application contains a Trojan Horse, the Trojan Horse program could send a (legal) message to the said user process running at a lower integrity level (CONFIDENTIAL), thereby initiating the use of a covert channel. In this covert channel, the Trojan Horse is the receiver of (illegal) lower integrity-level input and the user process is the sender of this input.

You might be interested in
HELP asap please... ​
Usimov [2.4K]

Answer:

I have absolutely no idea bruddah.

Explanation:

Soz!

8 0
3 years ago
If it is impractical to place guest users in a secure network, isolated from the production network by firewall barriers, then:
IgorLugansk [536]

Answer:

specific areas of access should be determined and they should be as restrictive as possible.

Explanation:

According to my research on security features of networks , I can say that based on the information provided within the question then specific areas of access should be determined and they should be as restrictive as possible. This would provide the highest level of security while still allowing production to be smooth.

I hope this answered your question. If you have any more questions feel free to ask away at Brainly.

7 0
3 years ago
Why might a peer-to-peer network not be the best choice for a large corporate office setting?
omeli [17]

Answer:

a it is less private

Explanation:

8 0
3 years ago
You have installed a device that has eight interfaces and does not forward broadcast packets. What kind of device did you instal
Novay_Z [31]
A router, possibly. Thought I'm not for sure because I'm not in computers and technology

7 0
2 years ago
Read 2 more answers
Is there an answer to these picture?
Tomtit [17]

Answer:

yes there is an answer to this question

6 0
3 years ago
Other questions:
  • This is an electronic method used to send and receive data–voice, text, images, and video.
    13·2 answers
  • To use the program service routines, the user's program makes requests to the operating system through the
    10·1 answer
  • Ssume the following variables contain the values shown: numberRed = 100 numberBlue = 200 numberGreen = 300 wordRed = "Wagon" wor
    5·1 answer
  • What is mendix about?
    10·1 answer
  • Need help ASAP Examples of utilities that make it possible for people to create and share multimedia files include _____. audio
    9·2 answers
  • What is earning potential?
    10·1 answer
  • .- Una tienda de vestidos de fiesta, ofrece un descuento a las personas
    15·1 answer
  • Determina la cilindrada total Vt en un motor de 4 cilindres de 83,6 mm de diàmetre per 91 mm de cursa.
    8·1 answer
  • What is a case in programming​
    12·1 answer
  • The principle of ________ strongly suggests that programs should execute with the least amount of privileges needed to complete
    13·1 answer
Add answer
Login
Not registered? Fast signup
Signup
Login Signup
Ask question!