Week 9 Tutorial Sheet
Access Control and Authentication
IMPORTANT NOTES: Study lecture materials at least 1 hour and prepare Question 1-4 prior to the tutorial session. Prepared questions will be discussed in the tutorial session.
1. In the context of access control, what is the difference between a subject and an object? What is an access right?
Copyright By PowCoder代写 加微信 powcoder
2. In UNIX, both files and directories include a nine-bit access control permission mode. If care is not taken, this can create access control problems. For example, consider a file file.txt with permission mode rw-r–r– contained in a directory dir with permission mode rwx-wx—. How might the file be compromised in this case?
3. In general terms, what are the three means of authenticating a user¡¯s identity?
4. In the context of biometric authentication, define the terms false match rate and false non-match rate, and explain the use of a threshold in relationship to these two rates.
5. What is meant by a one-way hash function? Why is it useful for protecting passwords against attacks that expose the stored file contents of the password authentication server?
6. Let x to be a password that contains exactly 3 characters. The characters are chosen from a set of alphabet A={ a,b,c,d,e }. How many possible distinct x can be created in the following scenarios:
(a) If x can contain repeated characters? e.g. aaa is a valid password
(b) If x should not contain repeated characters? e.g. aab is not a valid password
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com