Changes between Version 25 and Version 26 of EducationalAssignments/SecurityLayerPartTwo

Changes between Version 25 and Version 26 of EducationalAssignments/SecurityLayerPartTwo

Please note that these Trac pages are no longer being updated. Wiki contents/documentation have moved to GitHub.

Changes between Version 25 and Version 26 of EducationalAssignments/SecurityLayerPartTwo

Please note that these Trac pages are no longer being updated. Wiki contents/documentation have moved to GitHub.

Changes between Version 25 and Version 26 of EducationalAssignments/SecurityLayerPartTwo

Show
Ignore:
Timestamp:
05/23/12 07:39:30 (7 years ago)
Author:
ericms
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • EducationalAssignments/SecurityLayerPartTwo

    v25 v26  
    6262=== Examples of tests === 
    6363Test cases are briefly described in [wiki:EducationalAssignments/SecurityLayerPartOne SecurityLayerPartOne] and [wiki:RepyV2SecurityLayers]. Below is another example of a test case you may want to consider.  This test case gives the right 'style' for your all your test cases, but lacks in the number of test cases.  A good attack will include many test cases. 
    64 ==== Test case  ==== 
     64==== Test case 1:  ==== 
     65 
    6566{{{ 
    6667# Open a file 
     
    9697In this case we are verifying the security of the reference monitor.  This code attempts to write "MZ" to the file directly. First the file is opened using myfile=openfile("look.txt",True). Next myfile.writeat("MZ",0) tries to write "MZ" to the file. The 0 refers to an offset of zero. The try: statement tells the program to "try" this case. Notice that the except is executed if an error is raised. If the security layer fails the test then the else statement is executed. The finally: statement will always run, closing the file.   
    9798 
     99==== Test case 2:  ==== 
     100 
     101{{{ 
     102# Open a file 
     103myfile=openfile("look.txt",True) 
     104  
     105# Attempt to write "MZ" to the file 
     106try: 
     107        myfile.writeat("MZ",1) 
     108  
     109# It raised an Exception : 
     110except ValueError: 
     111  log("The security layer correctly blocked the write!!!") 
     112  
     113# No Exception was raise (as it was supposed to) 
     114else: 
     115  log("Write okay!") 
     116  
     117finally: 
     118  # Close the file after our attempt. 
     119        myfile.close() 
     120}}} 
     121==== Code analysis ==== 
     122 
     123In this case we are verifying the accuracy of the reference monitor.  This code attempts to write "MZ" to the file directly. First the file is opened using myfile=openfile("look.txt",True). Next myfile.writeat("MZ",1) tries to write "MZ" to the file. The 1 refers to an offset of zero. The try: statement tells the program to "try" this case. Notice that the except is executed if an error is raised. If the security layer fails the test then the else statement is executed. The finally: statement will always run, closing the file.   
     124 
     125If this case produces anything other than "Write okay", then this layer fails the accuracy design paradigm.  The security layer should only stop a file from starting with "MZ", not containing "MZ". 
     126 
     127==== More information on: Try, Except, Else, Finally ==== 
    98128The try, except, else and finally statements are part of a design principle known as exception handling.  For more information on exception handling please visit:  
    99129