
Texas at Arlington Role Based Access Control in Operating System Question


3. Network Security

  • Using VMs, install a web server. You can use WordPress or any other suitable package.
  • The content of the web page hosted by the server can be minimal.
  • The server needs to store a password file which contains two elements: username and password.
  • If you feel you need a separate database server to do this part, go ahead.
  • Passwords should NOT be stored in clear text; they need to be hashed.
  • Your web page should be accessible via the internet.
    o If you need server space on the CSE server to host your site, let me know.
  • Your web page needs to have access restrictions.
    o When the user tries to open the web page, the user needs to be authenticated.
    o Prompt the user for username and password.
    o Find the hash of the user-entered password and compare it with the stored hash value.
    o If there is a match, the user should have access to the web page.
  • Your web server needs to be behind a firewall. Choose appropriate firewall settings and configurations as examples.

4. Role-Based Access Control

  • You need to implement a role-based access control system on an operating system. You may use any resources/packages/libraries to do so.
  • Your RBAC system must have at least three roles:
    o Manager
    o Engineer
    o Human Resources
  • Here are the access control policies to implement.
    o There can only be a single manager account.
    o There can only be a single human resources account.
    o There is no limit on the number of engineer accounts.
    o All users can view, edit, and delete their own files.
    o A user with an engineer account can view files created by another engineer account.
    o Any file created by the human resources account is confidential and not accessible to other accounts.
      ▪ However, the human resources account can set a flag on a specific file so that it can be viewed by the manager.
      ▪ Engineers cannot view this file under any circumstances.
    o Any file created by the manager account is confidential and not accessible to other accounts.
      ▪ However, the manager account can set a flag on a specific file so that it can be viewed by a specified user (engineer or human resources).
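
The access rules above can be written as a small decision function and used as a reference model when testing the OS-level implementation. This is an added example, not part of the original assignment; the class and function names are hypothetical, and denying anything the policy does not explicitly grant (for instance, the manager reading engineer files) is an assumption.

```python
from dataclasses import dataclass, field

MANAGER, ENGINEER, HR = "manager", "engineer", "human_resources"
ACTIONS = ("view", "edit", "delete")
# Roles an owner may flag a file for. Engineer files have no flag in the policy.
FLAG_TARGETS = {HR: {MANAGER}, MANAGER: {ENGINEER, HR}}

@dataclass(frozen=True)
class User:
    name: str
    role: str

@dataclass
class File:
    owner: User
    shared_with: set = field(default_factory=set)  # names flagged by the owner

class Policy:
    def __init__(self):
        self.users = {}

    def add_user(self, name, role):
        if role not in (MANAGER, ENGINEER, HR) or name in self.users:
            raise ValueError(f"invalid or duplicate account: {name}/{role}")
        # Manager and HR are single-account roles; engineers are unlimited.
        if role != ENGINEER and any(u.role == role for u in self.users.values()):
            raise ValueError(f"only one {role} account is allowed")
        self.users[name] = User(name, role)
        return self.users[name]

    def share(self, actor, f, target):
        # Only the owner sets the flag, and only for roles the policy names.
        if actor != f.owner or target.role not in FLAG_TARGETS.get(actor.role, ()):
            raise PermissionError(f"{actor.name} may not flag this file for {target.name}")
        f.shared_with.add(target.name)

    def allowed(self, user, f, action):
        if action not in ACTIONS:
            return False
        if user == f.owner:
            return True                   # owners view, edit and delete their own files
        if action != "view":
            return False                  # non-owners never get edit or delete
        if f.owner.role == ENGINEER:
            return user.role == ENGINEER  # engineers read each other's files
        # HR/manager files: confidential unless flagged. The role is re-checked
        # here so an engineer cannot read an HR file even if the flag set is wrong.
        return user.role in FLAG_TARGETS[f.owner.role] and user.name in f.shared_with
```

Running the same allow/deny cases against the real system (for example, by attempting file access as each account) shows whether the OS permissions match the policy.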
