Skip to content

Pick one of the operating system mechanisms that we discusse

    Pick one of the operating system mechanisms that we discussed inChapter Four or Chapter Five.  Describe what it is used for and give anexample of a practical application.Be unique! this is what i picked so i want someone to describe it and give an example!!Chinese Wall Security Policy Brewer and Nash [BRE89] defined a security policy called the Chinese Wall that reflects certain commercial needs for information access protection. The security requirements reflect issues relevant to those people in legal, medical, investment, or accounting firms who might be subject to conflict of interest. A conflict of interest exists when a person in one company can obtain sensitive information about people, products, or services in competing companies. The security policy builds on three levels of abstraction. z Objects. At the lowest level are elementary objects, such as files. Each file contains information concerning only one company. z Company groups. At the next level, all objects concerning a particular company are grouped together. z Conflict classes. At the highest level, all groups of objects for competing companies are clustered. With this model, each object belongs to a unique company group, and each company group is contained in a unique conflict class. A conflict class may contain one or more company groups. For example, suppose you are an advertising company with clients in several fields: chocolate companies, banks, and airlines. You might want to store data on chocolate companies Suchard and Cadbury; on banks Citicorp, Deutsche Bank, and Credit Lyonnais; and on airline SAS. You want to prevent your employees from inadvertently revealing information to a client about that client’s competitors, so you establish the rule that no employee will know sensitive information about competing companies. Using the Chinese Wall hierarchy, you would form six company groups (one for each company) and three conflict 1.  A purchasing clerk creates an order for a supply, sending copies of the order to both the supplier and the receiving department.  2.  The supplier ships the goods, which arrive at the receiving department. A receiving clerk checks the delivery, ensures that the correct quantity of the right item has been received, and signs a delivery form. The delivery form and the original order go to the accounting department.  3.  The supplier sends an invoice to the accounting department. An accounting clerk compares the invoice with the original order (as to price and other terms) and the delivery form (as to quantity and item) and issues a check to the supplier.  Pag e 7 of 62Cha pter 5.  Designing Trusted Operating Systems8/13/2006file://D:Documents and Settin gsSLocal SettingsTemp~hh4059.htm  classes: {Suchard, Cadbury}, {Citicorp, Deutsche Bank, Credit Lyonnais}, and {SAS}. The hierarchy guides a simple access control policy: A person can access any information as long as that person has never accessed information from a different company in the same conflict class. That is, access is allowed if either the object requested is in the same company group as an object that has previously been accessed or the object requested belongs to a conflict class that has never before been accessed. In our example, initially you can access any objects. Suppose you read from a file on Suchard. A subsequent request for access to any bank or to SAS would be granted, but a request to access Cadbury files would be denied. Your next access, of SAS data, does not affect future accesses. But if you then access a file on Credit Lyonnais, you will be blocked from future accesses to Deutsche Bank or Citicorp. From that point on, as shown in Figure 5-5, you can access objects only concerning Suchard, SAS, Credit Lyonnais, or a newly defined conflict class

    You can hire someone to answer this question! Yes, has paper writers, dedicated to completing research and summaries, critical thinking tasks, essays, coursework, and other homework tasks. Its fast and safe.