In: Computer Science
Consider using mandatory access controls and compartments to implement an ORCON control. Assume that there are k different organizations. Organization i will produce n(i, j) documents to be shared with organization j.
a. How many compartments are needed to allow any organization to share a document with any other organization?
b. Now assume that organization i will need to share nm(i, i1, ..., im) documents with organizations i1, ..., im. How many compartments will be needed?
(a)Answer : We can assume that two ,three or more compartments need to share document. Suppose a document of i ∈(element of) Imarks an object j ∈Eas ORCON on behlaf of organization J.Organization J allows organization to organization to be disclose to subjects acting on behlaf of a second organization,Y,subject to the following restrictions.
a.The object x cannot be release to subjects acting on behlaf of other organizations without J permission
b. Any copies of x must have the same restrictions placed on it .
(b) We can assume that a member in the organization F wants to provide the access to a document d belongs to organization F to a member of organization A, but the document not expected to be shared with members of other organization G or H.
So, document d cannot be in cateogry c because if it were,memebers S ∈S and L ∈L could access d. Another cateogry containing d, f, and A must be created. Mulitplying relationships and documents creates an unacceptably large number of categories.