ch13 review silberschatz operating systems concepts essentials 2nd ed
Review Questions
Section 13.1
13.1 True or False? Policies determine how something will be done,mechanisms describe what will be done. False
Section 13.2
13.2 What principle dictates that programs and users be given just enough privileges to perform their tasks? Principle of Least Privelidge
Section 13.3
13.3 True or False? The need-to-know principle states that a process needs to know everything in order to performits task. False the process should be limited to only those resources necessary to perform its task
13.4 True or False? The user mode/kernel mode paradigm is an example of domain switching. True
13.5 True or False? In the UNIX operating system, a domain is associated with a process, not with a specific user. False in unix a domain is associated with a user
13.6 What is the name of the bit in a UNIX system that associates each file with an owner and domain? setuid bit
Section 13.4
13.7 What does each row and column representin an access matrix? each row represents a domain and each column represents an object
Section 13.5
13.8 What is the problem when using a global table to represent an access matrix? the table is usually large so much so that it can not fit into main memory
Section 13.6
13.9 What is the benefit of using role-based access control? the principle of least privelege can be implemented without creating a seperate account for each user
Chapter 13 Protection
Section 13.7
13.10 Why is revocation of access rights easy with an access list scheme? It is easy because the access list can be searched for any access rights that need to be revoked and then those rights can be deleted immediately revoking access
Section 13.8
13.11 Provide two examples of capability-based systems. Hydra and cambridge CAP system
Section 13.9
13.12 Give an example of a programming language that provides language based protection. Java
Section 13.1
13.1 True or False? Policies determine how something will be done,mechanisms describe what will be done. False
Section 13.2
13.2 What principle dictates that programs and users be given just enough privileges to perform their tasks? Principle of Least Privelidge
Section 13.3
13.3 True or False? The need-to-know principle states that a process needs to know everything in order to performits task. False the process should be limited to only those resources necessary to perform its task
13.4 True or False? The user mode/kernel mode paradigm is an example of domain switching. True
13.5 True or False? In the UNIX operating system, a domain is associated with a process, not with a specific user. False in unix a domain is associated with a user
13.6 What is the name of the bit in a UNIX system that associates each file with an owner and domain? setuid bit
Section 13.4
13.7 What does each row and column representin an access matrix? each row represents a domain and each column represents an object
Section 13.5
13.8 What is the problem when using a global table to represent an access matrix? the table is usually large so much so that it can not fit into main memory
Section 13.6
13.9 What is the benefit of using role-based access control? the principle of least privelege can be implemented without creating a seperate account for each user
Chapter 13 Protection
Section 13.7
13.10 Why is revocation of access rights easy with an access list scheme? It is easy because the access list can be searched for any access rights that need to be revoked and then those rights can be deleted immediately revoking access
Section 13.8
13.11 Provide two examples of capability-based systems. Hydra and cambridge CAP system
Section 13.9
13.12 Give an example of a programming language that provides language based protection. Java