Question

Suppose the following groups are defined to shorten a system’s access control lists: – Group1: Alice, Bob, Cynthia, David, Eve – Group2: Alice, Bob, Cynthia, Eve – Group3: Bob, Cynthia Suppose the access control list for File 1 is: – File 1: Group 1, R; Group 2, RW If Alice wants to write to File 1 giving your reasoning, state whether Alice will be allowed to do so if: i) The first relevant entry policy is applied ii) The any permission in list policy is applied Suppose the access control list for File 2 is: – File 2: Group 3, RWE iii) Show how the need for a Group 3 for File 2 can be removed using access none. iv) Show how you can eliminate the need for a Group 2 for File 1 access.

Answer 1

Answer: Provided in the explanation section

Explanation:

provided below is a step by step process to analyzing this question.

i.  

• According to the policy, Group 1 is allowed to read.

• So, if the first policy is applied then, Group 1 i.e. group having Alice will only have access to read and not to write the files. So, Alice will not be able to perform the write operation.

ii .  

• The first policy on the list is not giving access to Alice to write.

• The second policy on the list is giving access to Alice for the write operation.

• Since Alice is both in Group 1 and Group 2 and Group 2 gives access to write to Alice, so Alice will be allowed to write.

iii.  

• The none access specifier gives all the access.

• So, we will provide first all the access to Alice and then provide RWE access to group 2.

• As a result, by writing the second statement all the access of RWE will be taken from Alice and will be only provided to Bob and Cynthia.

• So, the statement will be File 2: Alice, None; Group 2, RWE

cheers i hope this helped !!!!