Logout Open In App
Open In App
Warning: foreach() argument must be of type array|object, bool given in /var/www/html/web/app/themes/studypress-core-theme/template-parts/header/mobile-offcanvas.php on line 20

Chapter 8: Problem 1

Consider the principle of complete mediation. Which non-functional system requirement will likely be affected by adhering strictly to this principle?

Short Answer

Expert verified
The non-functional system requirement likely affected is performance.

Step by step solution

01

Understand the Principle of Complete Mediation

The principle of complete mediation requires that every access to a system resource should be checked for authorization. This means that each time a resource (like files or data) is accessed, the access permissions must be verified.
02

Identify System Requirements

A system has many non-functional requirements, such as performance, usability, reliability, security, and maintainability. To solve this problem, we need to determine which of these is most likely affected when strictly adhering to the principle of complete mediation.
03

Analyze the Impact on Performance

Checking access permissions for every access to a system resource adds computational overhead. This overhead can lead to increased response times and slower system performance, as each resource access has an additional check.
04

Consider the Security Improvement

While the complete mediation principle enhances security by ensuring that unauthorized accesses are prevented, this does not adversely affect the security requirements themselves. Instead, it fulfills the security objective.
05

Assess Usability and Maintainability

The increase in security checks due to complete mediation does not directly affect usability, since it operates at the system level, nor does it directly impact maintainability, as it does not alter how the system's components need to be updated or fixed.
06

Conclusion on the Affected Requirement

Considering all these factors, the non-functional requirement that is likely most affected by adhering strictly to the principle of complete mediation is performance. This is because of the additional processing required to check permissions for each access, which can slow down the system.

Unlock Step-by-Step Solutions & Ace Your Exams!

  • Full Textbook Solutions

    Get detailed explanations and key concepts

  • Unlimited Al creation

    Al flashcards, explanations, exams and more...

  • Ads-free access

    To over 500 millions flashcards

  • Money-back guarantee

    We refund you if you fail your exam.

Start your free trial

Over 30 million students worldwide already upgrade their learning with Vaia!

Key Concepts

These are the key concepts you need to understand to accurately answer the question.

Principle of Complete Mediation
The Principle of Complete Mediation in computer security is a very important rule. It demands that every access to every resource must be authorized. Whenever a user tries to access any system resource, like file or data, the system should verify permission. This means every time without exception. This helps in preventing unauthorized access, which is crucial for maintaining security.
However, this constant checking can have some effects on other parts of the system, especially those concerning performance. Understanding and implementing this principle requires balancing security with system efficiency.
Non-Functional Requirements
Non-functional requirements define system attributes like performance, reliability, and usability. They outline how a system performs under certain conditions rather than what the system does. This is different from functional requirements, which describe specific behaviors or functions of the system.
Some of the most typical non-functional requirements include:
  • Performance: How fast the system responds under a workload.
  • Security: Protecting data and functionalities from threats.
  • Usability: Ease of use for users.
  • Reliability: Consistently performing the intended functions.
  • Maintainability: Ease of updating or fixing the system.
Applying the principle of complete mediation mainly impacts performance among these non-functional requirements due to the overhead of constant security checks.
System Performance
System Performance refers to how well a computer system can process tasks. It evaluates speed, efficiency, and overall effectiveness. Whenever access control checks are added, like with the principle of complete mediation, it can affect performance by slowing it down.

Here are some factors that often impact system performance:
  • Response Time: The time it takes for a system to respond to an input.
  • Throughput: The amount of processing done in a given time.
  • System Load: How many processes run simultaneously.
By requiring access checks every time a resource is accessed, complete mediation increases the computational load. This can lead to longer response times, reducing throughput and increasing the system load.
Access Control
Access Control is a vital component of computer security. It ensures that only authorized users have access to certain data and resources. This is implemented through policies managed by the system.

There are different models to achieve access control, such as:
  • Discretionary Access Control (DAC): Users own their own data and set access permissions.
  • Mandatory Access Control (MAC): Access is dictated by a central authority based on sensitivity levels.
  • Role-Based Access Control (RBAC): Access is determined by the user's role within the organization.
With complete mediation, every access is controlled and checked, ensuring adherence to these models and preventing unauthorized access, which increases data security.

One App. One Place for Learning.

All the tools & learning materials you need for study success - in one app.

Get started for free

Most popular questions from this chapter

Alice and Bob use RSA public key encryption in order to communicate between them. Trudy finds out that Alice and Bob shared one of the primes used to determine the number \(n\) of their public key pairs. In other words, Trudy found out that \(n_{a}=p_{a} \times q\) and \(n_{b}=p_{b} \times q\). How can Trudy use this information to break Alice's code?

Suppose an organization uses Kerberos for authentication. In terms of security and service availability, what is the effect if AS or TGS goes down?

AES supports a 256-bit key. How many keys does AES-256 have? See if you can find some number in physics, chemistry, or astronomy of about the same size. Use the Internet to help search for big numbers. Draw a conclusion from your research.

The SSL data transport protocol involves two nonces as well as a premaster key. What value, if any, does using the nonces have?

Alice wants to communicate with Bob, using public-key cryptography. She establishes a connection to someone she hopes is Bob. She asks him for his public key and he sends it to her in plaintext along with an X.509 certificate signed by the root CA. Alice already has the public key of the root CA. What steps does Alice carry out to verify that she is talking to Bob? Assume that Bob does not care who he is talking to (e.g., Bob is some kind of public service).
See all solutions

Recommended explanations on Computer Science Textbooks

Data Structures

Read Explanation

Cloud Services

Read Explanation

Databases

Read Explanation

Cybersecurity in Computer Science

Read Explanation

Computer Network

Read Explanation

Game Design in Computer Science

Read Explanation
View all explanations

What do you think about this solution?

We value your feedback to improve our textbook solutions.

Study anywhere. Anytime. Across all devices.

Sign-up for free