Cooper, Cory U7 Assignment A CS - 213 Please read the chapter before or concurrently with the assignment. Answer the questions in the context of the textbook and written by you. If you do use an...




Cooper, Cory U7 Assignment A CS - 213
Please read the chapter before or concurrently with the assignment. Answer the questions in the context of the textbook and written by you. If you do use an external source a reference to that source is required.

1. (8pts) What is protection? What is Security? How do they relate to each other? Give an example for each of the reasons for protection?
2. (8pts) What are the mechanisms? What are the policies? How do they relate to each other? Why is the separation of mechanisms and policies necessary?
3. (8pts) Explain the principle of least privilege. Explain the need-to-know principle? How are they the same, how are they different.
4. (8pts) Given an example of a software object and a hardware object that makes a computer system?
5. (6pts) What is a Domain? What are the three ways a domain can be realized?
6. (8pts) What is a protection domain? What is an Access Right? Give an example of an Access Right into a Protected domain.
7. (6pts) Define a confinement problem.
8. (5pts) What is the difference between static and dynamic protection domain?
9. (8pts) What is a Domain switch? Give an example.
10. (8pts) What is an access matrix? Give an example.
11. (8pts) What is Role-Based Access Control? Give an example.
12. (10pts) Explain each of the possible implementations of the access matrix and give an example of each?
· Global Table
· Access List
· Capability Lists
· Lock and Key
13. (5pts) Why is the revocation of access important?
14. (4pts) Which implementation of an access matrix allows easier revocation

1. (5pts) What is a threat? What is an attack? How are they related?
2. (32pts) Explain each of these attack vectors
· Masquerading
· Replay attack
· Message Modification
· Man-in-The Middle
· Session Hijacking
· Back-Door
· Trojan Horse
· Spyware
· Trap-Door
· Logic-Bomb
· Stack Overflow
· Virus
· Keylogger
· Worms
· Port Scanner
· Denial of Service
3. (8pts) Explain each of the levels of security. Indicate which are controlled by the OS
· Physical
· Human
· OS
· Network
4. (5pts) What is cryptography? What are keys? How is it used? What are the advantages of AES over DES?
5. (5pts) What is the difference between symmetric and asymmetric key encryption?
6. (6pts) What is authentication? What is authorization? How are they related?
7. (5pts) Why is the MD5 hashing algorithm considered unsafe? How can it be exploited?
8. (6pts) Why are passwords considered bad for security? What are the possible replacements?
9. (8pts) What is a penetration system? What are 5 risks you would test with the penetration test?
10. (5pts) What is security by obscurity? Given an example of how you would use this? Is this just a version of Don't ask, Don't tell or intentional blindness?
11. (5pts) What is an intrusion detection system? What is an intrusion prevention system? What is the difference?
12. (10pts) Explain how Bayes' Theorem is used for calculating the P(I | A). Explain meaning each of the terms, the products and sums and the final ratio.

References
Silberschatz, A., Peter, B. G., & Greg, G. (n.d.). Operating System Concepts Essentials Second Edition. John Wiley & Sons, Inc. Retrieved from Operating System Concepts Essentials - Second Edition
Answered 2 days After Aug 11, 2021


Neha answered on Aug 13 2021
137 Votes
Cooper, Cory    U7 Assignment A    CS - 213
Please read the chapter before or concurrently with the assignment. Answer the questions in the context of the textbook and written by you. If you do use an external source a reference to that source is required.
 
1. (8pts) What is protection? What is Security? How do they relate to each other? Give an example for each of the reasons for protection?
The protection can be defined as the mechanism which is used to control the access of the users, programs or processes for the resources as defined by the computer system. This mechanism is used to provide a method and specify the controls which can be imposed together with the help of enforcement. The protection-oriented systems are known for providing a mode so that we can distinguish between the authorized and unauthorized use of resources. The security can be defined as the measurement of confidence a user has on preserving the integrity of data and system. The security and protection make sure that the computer resources like memory, CPU, software etc. are protected.
2. (8pts) What are the mechanisms? What are the policies? How do they relate to each other? Why is the separation of mechanisms and policies necessary?
The mechanism is generally used for determining the manner in which something can be done and policies are used for deciding what action can be done. It is important to have separation between the mechanism and policy to achieve flexibility. The policies can change with time or with place. In the worst scenario if there is change in the policy then it would need changes in the related mechanism. We can use general mechanism to avoid such type of situations.
3. (8pts) Explain the principle of least privilege. Explain the need-to-know principle? How are they the same, how are they different.
The principle of least privilege is used as the guiding principle. All the users, systems and programs should be provided enough privileges so that they can perform their task. It also helps to reduce the damage if there is any bug in the entity. The principle of least privilege can be dynamic or static. In the dynamic it will be changed by the process as per requirement, for example privilege escalation or domain switching, and in the static it will remain during the life of the process or system. The need-to-know principle states that a process should be able to access only those resources which are required for completing the task at any time.
4. (8pts) Given an example of a software object and a hardware object that makes a computer system?
The hardware objects can be disc, printers, CPU, tape drives and memory segments. The software objects can be the semaphores, programs and the files.
5. (6pts) What is a Domain? What are the three ways a domain can be realized? 
The domain can be procedure, process for the user.
Every user can be the domain. The set of the objects which can be accessed are dependent over the identity of the user. Whenever the user is changed there will be domain switching which is generally done when one user logs out and another user logs in.
Each process can be the domain. The set of the objects which can be accessed generally depends over the identity of the process. In this case domain switching will take place when one process is sending message to another process and then it is waiting for the response.
Each process can be the domain. The set of the objects which can be accessed which are corresponding with the local variables which are defined in the procedure.
6. (8pts) What is a protection domain? What is an Access Right? Give an example of an Access Right into a Protected domain.
The protection domain is used for specifying the resources which can be accessed by the process. Each domain will be used to define the set of the objects and different types of the operations which can be invoked on each of the object. The access right is used which is defined as the ability for executing any operation on the object. The domain can be defined as the set of access rights. Domain can be static or dynamic.
7. (6pts) Define a confinement problem.
The confinement problem can be defined as the problem which is used to prevent a server from leaking any of the information which is considered as the confidential by the user. A process which does not store information could not leak it. The process which cannot be observed, or it is not able to communicate with any other process will not be able to leak the information.
8. (5pts) What is the difference between static and dynamic protection domain?
The dynamic protection system can be required to revoke the access rights with the objects which are shared by different users. There are different questions about the different options which can be used to remove the access right of the domain for any object. It can be static or dynamic. The static protection domain is used for providing the protection during the life of the system or during the life of the process will stop this protection domain will change only if there is change in the process. The dynamic protection can be changed as per the requirement of process.
9. (8pts) What is a Domain switch? Give an example.
It is important that we are allowing...
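
Added example, not part of the answer above or of the textbook: a small Python model of protection domains as sets of access rights, with a controlled domain switch, to make questions 6, 8 and 9 concrete. The domain names, object names and the SWITCH table are constructed for this illustration.

```python
class AccessDenied(Exception):
    """Raised when the current domain lacks the requested access right."""

# Constructed sample data: each domain is a set of access rights,
# written here as object -> operations allowed on that object.
DOMAINS = {
    "D_grader": {"grades.db": {"read", "write"}, "report.txt": {"read"}},
    "D_student": {"report.txt": {"read", "write"}, "printer": {"print"}},
}

# Assumption of this example: switching is itself a controlled right.
# D_grader may enter D_student; nothing may enter D_grader.
SWITCH = {"D_grader": {"D_student"}}

class Process:
    def __init__(self, name, domain):
        self.name = name
        self.domain = domain  # the domain the process currently executes in

    def invoke(self, operation, obj):
        """Run operation on obj only if the current domain holds that right."""
        allowed = DOMAINS[self.domain].get(obj, set())  # unlisted object: deny
        if operation not in allowed:
            raise AccessDenied(f"{self.name}@{self.domain}: no <{obj}, {operation}>")
        return f"{operation} {obj}: ok"

    def switch_domain(self, target):
        """Dynamic association: move the process to another domain if permitted."""
        if target not in SWITCH.get(self.domain, set()):
            raise AccessDenied(f"{self.name}: {self.domain} -> {target} not allowed")
        self.domain = target
        return f"now in {target}"

def demo():
    """Return the outcome of each step for a process that drops to D_student."""
    p, log = Process("p1", "D_grader"), []
    steps = [("invoke", "write", "grades.db"), ("switch", "D_student"),
             ("invoke", "write", "report.txt"), ("invoke", "read", "grades.db"),
             ("switch", "D_grader")]
    for kind, *args in steps:
        action = p.invoke if kind == "invoke" else p.switch_domain
        try:
            log.append(action(*args))
        except AccessDenied as exc:
            log.append(f"denied: {exc}")
    return log

if __name__ == "__main__":
    print("\n".join(demo()))
```

After the switch the process keeps only the rights of D_student, so the earlier access to grades.db is gone and it cannot switch back on its own.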