IT 862 Spring 2005

Prof. Ravi Sandhu

Take-home Examination 1


Due in class on 2/24/05


1.      Discuss the concept of administrative scope as it applies (a) to a rooted tree hierarchy (the root being the senior-most role) and (b) to an inverted rooted tree hierarchy (the root being the junior-most role).


2.      Discuss the notion of a dual concept to administrative scope. Administrative scope is defined in terms of junior roles. The dual concept (call it alpha-scope) will be defined in terms of senior roles. Would it have any relevance to RBAC administration.


3.      Prove or disprove (by giving counter-examples) the following propositions.

a.       If a hierarchy has a single maximal (senior-most) role, the administrative scope of that role includes all other roles.

b.      If a hierarchy has a single minimal (junior-most) role, that role will be in the administrative scope of all other roles.


4.      For the RRA97 model prove or give counterexamples for the following propositions:

a.       An authority range is always a create range?

b.      If x is an immediate child of y then (x,y) is a create range?

c.       If x is an immediate child of y then (x,y) can always be introduced into can-modify as an authority range that is guaranteed to be encapsulated?