Enterprises are increasingly relying on Cloud services (e.g., Amazon AWS) for a variety of reasons. In this question, we want to explore storage and processing of data in a Cloud when there are mandatory access control requirements for the data. Assume authentication and authorization are correctly implemented in a public cloud environment where resources are shared among multiple applications that belong to different tenants who may compete with each other (e.g., two banks). Answer the following questions for this system.

A hypervisor allocates memory pages to various virtual machines. Modern operating systems and hypervisors write zeros in memory pages when they are reallocated from one process to another process. If this is not done, a HIGH process can leave sensitive data in a memory page which can next be allocated to a LOW process. In this case, the LOW process may be able to read the sensitive data in the page. This could violate security because, as a LOW process, it should not have access to such sensitive data.

If memory pages are not zeroed on reallocation, could this lead to a covert channel in a Cloud environment? If your answer is yes, explain how a covert channel can be set up. (2 pts.)

Would this be a timing or storage covert channel? Explain your answer. (2 pts.)

If a covert channel can be established in 1.1, would it be noisy? Explain your answer. (1+2 pts.)

Elastic Cloud services dynamically allocate reusable resources such as CPU and storage, which can be shared across applications of different tenants. Give an example of a timing channel that could be established in this system and discuss how data will be transferred from a HIGH to a LOW process. (1+2 pts.)

Assume it has been determined that the Cloud provider must address covert channel concerns of its tenants. We discussed a number of techniques for mitigation of covert channels. Two examples of such techniques are static resource allocation and the pump abstraction.

What kind of covert channels can be mitigated with static resource allocation? Explain why such mitigation works. (1+2 pts.)

Could the pump be used for mitigation of covert channels in this environment? Explain what types of covert channels can be mitigated using a pump. (2+2 pts.)

Could the shared resource matrix (SRM) be used to detect covert channels in such a system when different tenant applications run in separate virtual machines? If yes, explain how, or discuss why it is not possible. (1+1+2 pts.)

Are covert channels a concern in SELinux? Explain your answer. (1+2 pts.)

Assume that when user U's process P makes a request for file F in SELinux, discretionary and type enforcement (TE) permissions are granted. In the multi-level security (MLS) part of the security context of F, the security level is s5. You can assume that both F and U have their compartment set to c0.c1023. Answer whether the following statements are true or false, and briefly explain your answer.

U will be able to read F when the effective security level in its security context is s6. (2 pts.)

U will be able to read F when the clearance level in its security context is s4. (2 pts.)

U will be able to read F when its effective security level is s3 and its clearance level is s6. (2 pts.)