Completely random selection of possible test questions

All questions used in the past

1   The academic computer center is building a new computer system which
    will protect information based on SSN's (if you have the highest SSN,
    you may see all; the lowest SSN only your own information).  Write
    the purge function they will need to prove that their system is secure.

2   Draw a directed graph (with labeled nodes representing levels, and arrows
    representing dominance relations) for the following set of levels:

	UN{a}    UN{b}	  UN{c}	    SEC{a,b,c}  TS{d}    CON{a,b}

3   In the Chinese Wall model, given the following N-matrix and object labels:

		O1   O2   O3   O4   O5   O6   O7	label(O1) = 
	S1	F    F    F    T    F    T    F		label(O2) = 
        S2      F    T    F    F    F    F    T         label(O3) = 
	S3      T    F    T    F    F    F    F		label(O4) = 
							label(O5) = 
   a) Which of the users can access O5?			label(O6) = 
							label(O7) = 


   b) Which of the following requests will (will not) be granted?
	
	(S1,O1)			(S2,O3)

	(S3,O7)			(S2,O1)

	(S3,O1)			(S2,O6)

4   In many windowing environments, each "window" is treated as a separate
    login; the "who" command (in Openwindows(tm)) will identify the
    user responsible for all the windows.  Describe how this command could
    be used to construct a covert channel.


5    Give an example of (real or imagined) accesses of the following types:
     (N.B.  read would be a perfectly good example of an "observe access",
      but its just too boring and obvious; find a more interesting example)
    	a)  pure observe (other than ordinary read)
	b)  pure modify (other than delete or append)
	c)  both (other than ordinary edit)