Assigned: 5 May 1999
Due: 12 May 1999 (in class)

Late homeworks will not be accepted.

1. In most capability-based systems, capability lists are kept in a user's address space. How can the operating system ensure that users don't modify their capability lists to add new rights? NOTE: simply keeping a copy in the OS isn't a valid solution.
2. Suppose you had a system with relatively few users. Would you choose capability lists or access control lists for such a system? Which type of access matrix implementation would you choose for a system with many users but relatively few objects, such as a Web server?
3. On many Unix systems, the password file is readable by all users. How can the operating system keep passwords secret while still allowing any user to read the password file?
4. What are the advantages to using a public key system for encryption in a large distributed system like the Internet? Are there any drawbacks to using public key encryption?
5. Is it possible to crack a message encrypted using a one-time pad? Why or why not?
6. Explain the difference between a trojan horse and a virus. What defensive measures would you take against each kind of threat?