Securing Higher Grades Costing Your Pocket? Book Your Coursework Help at The Lowest Price Now!

  • +1-617-874-1011 (US)
  • +44-117-230-1145 (UK)
Online Customer Service

Discuss the strengths and weaknesses of implementing an access matrix

  39 Download     📄   4 Pages / 767 Words
  1. Access Matrix

Discuss the strengths and weaknesses of implementing an access matrix using access lists that are associated with objects.

The strength of storing an access list with each object is the control that comes from storing the access privileges along with each object, thereby allowing the object to revoke or expand the access privileges in a localized manner. The weakness with associating access lists is the overhead of checking whether the requesting domain appears on the access list. This check would be expensive and needs to be performed every time the object is accessed.

  1. Capabilities

Discuss the strengths and weaknesses of implementing an access matrix using capabilities that are associated with domains. Capabilities associated with domains provide substantial flexibility and faster access to objects. When a domain presents a capability, the system just needs to check the authenticity of the capability and that could be performed efficiently. Capabilities could also be passed around from one domain to another domain with great ease, allowing a system with a great amount of flexibility. However, the flexibility comes at the cost of a lack of control: revoking capabilities and restricting the flow of capabilities is a difficult task.

  1. Bank Security

Make a list of six security concerns for a banks computer system. For each item on your list, state whether this concern relates to physical, human, or operating-system security.

In a protected location, well guarded: physical, human. Network tamperproof: physical, human, operating system. Modem access eliminated or limited: physical, human. Unauthorized data transfers prevented or logged: human, operating system. Backup media protected and guarded: physical, human.

Programmers, data entry personnel, trustworthy: human.

  1. Man-in-the-middle Attack

What commonly used computer programs are prone to man-in-the- middle attacks? Discuss solutions for preventing this form of attack.

Any protocol that requires a sender and a receiver to agree on a session key before they start communicating is prone to the man-in- the-middle attack. For instance, if one were to implement on a secure shell protocol by having the two communicating machines to identify a common session key, and if the protocol messages for exchanging the session key is not protected by the appropriate authentication mech- anism, then it is possible for an attacker to manufacture a separate session key and get access to the data being communicated between the two parties. In particular, if the server is supposed to manufacture the session key, the attacker could obtain the session key from the server, communicate 1 its locally manufactured session key to the client, and thereby convince the client to use the fake session key. When the attacker receives the data from the client, it can decrypt the data, reencrypt it with the original key from the server, and transmit the encrypted data to the server without alerting either the client or the server about the attacker s presence. Such attacks could be avoided by using digital signatures to authenticate messages from the server. If the server could communicate the session key

and its identity in a message that is guarded by a digital signature granted by a certifying authority, then the attacker would not be able to forge a session key, and therefore the man-in-the-middle attack could be avoided.

  1. Authentication

Why doesnt D(kd,N)(E(ke,N)(m)) provide authentication of the sender? To what uses can such an encryption be put?

D(kd,N)(E(ke,N)(m)) means that the message is encrypted using the public key and then decrypted using the private key. This scheme is not sufficient to guarantee authentication since any entity can obtain the public keys and therefore could have fabricated the message. However, the only entity that can decrypt the message is the entity that owns the private key, which guarantees that the message is a secret message from the sender to the entity owning the private key; no other entity can decrypt the contents of the message.

  1. False Alarms and Real Intrusion

Consider a system that generates 10 million audit records per day. Also assume that there are on average 10 attacks per day on this system and that each such attack is reflected in 20 records. If the intrusion- detection system has a true-alarm rate of 0.6 and a false-alarm rate of 0.0005, what percentage of alarms generated by the system correspond to real intrusions?

The probability of occurrence of intrusive records is 10?20/106 = 0.0002. Using Bayes theorem, the probability that an alarm corresponds to a real intrusion is simply 0.00020.6/(0.00020.60.9998?0.0005) =0.193.2

This problem has been solved.

Please send an Email to with the Payment ID and the link to the document to collect by email

Cite This work.

To export a reference to this article please select a referencing stye below.

Urgent Homework (2022) . Retrive from

"." Urgent Homework ,2022,

Urgent Homework (2022) . Available from:

[Accessed 09/12/2022].

Urgent Homework . ''(Urgent Homework ,2022) accessed 09/12/2022.

Buy Discuss the strengths and weaknesses of implementing an access matrix Assignment Answers Online

Talk to our expert to get the help with Discuss the strengths and weaknesses of implementing an access matrix Assignment to complete your assessment on time and boost your grades now

The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.

Get Online Support for Discuss the strengths and weaknesses of implementing an access matrix Assignment Help Online

Want a fresh copy of this Assignment


  • 24 x 7 Availability.
  • Trained and Certified Experts.
  • Deadline Guaranteed.
  • Plagiarism Free.
  • Privacy Guaranteed.
  • Free download.
  • Online help for all project.
  • Homework Help Services


Urgenthomework helped me with finance homework problems and taught math portion of my course as well. Initially, I used a tutor that taught me math course I felt that as if I was not getting the help I needed. With the help of Urgenthomework, I got precisely where I was weak: Sheryl. Read More

Tap to Chat
Get Instant Assignment Help
Tap to Chat
Get Instant Assignment Help