In: Computer Science
The security levels are ULTRA SECRET, SECRET, CONFIDENTIAL and PUBLIC (ordered from highest to lowest), and the categories UNO, DOS and TRES. Assuming that discretionary access controls allow anyone access unless otherwise specified, state what type of access (read, write, both or neither) is allowed in each of the following situations, given the security levels and categories provided.
i) Lisa, cleared for (ULTRA SECRET, {UNO, TRES)), wants to access a document classified (CONFIDENTIAL, {UNO}).
ii) Bart, cleared for (SECRET, {DOS}), wants to access a document classified (CONFIDENTIAL, {DOS}).
iii) Marge, cleared for (CONFIDENTIAL, {TRES), wants to access a document classified (CONFIDENTIAL, {DOS}).
iv) Homer, cleared for (CONFIDENTIAL, {UNO, TRES), wants to access a document classified (ULTRA SECRET, {DOS, TRES)).
(i) write securitylevel,categories
where securitylevel=ULTRA SECRET and categories IN(UNO,TRES)
--------------------------------------------------------
read securitylevel,categories
where securitylevel=CONFIDENTIAL and categories =UNO
(ii)
write securitylevel,categories
where securitylevel=SECRET and categories =DOS
--------------------------------------------------------------
read securitylevel,categories
where securitylevel=CONFIDENTIAL and categories =DOS
(iii)
write securitylevel,categories
where securitylevel=CONFIDENTIAL and categories =TRES
--------------------------------------------------------------
read securitylevel,categories
where securitylevel=CONFIDENTIAL and categories =DOS
(iv)
write securitylevel,categories
where securitylevel=CONFIDENTIAL and categories IN(UNO,TRES)
--------------------------------------------------------------
read securitylevel,categories
where securitylevel=ULTRA SECRET and categories IN(DOS,TRES)