Combined Capability and RBAC Lab
OverviewThe learning objective of this lab is two-fold. First, this lab provides students with an opportunity to integrate two access control principles, capability and the Role-Based Access Control (RBAC), to enhance system security. Second, this lab allows students to apply their critical thinking skills to analyze their design of the system to ensure that the system is secure.
In this lab, students will implement a simplified capability-based RBAC system for Minix. The simplification on RBAC is based on the RBAC standard proposed by NIST. This lab is quite comprehensive. Students should expect to spend 4 to 6 weeks on this lab. Students should have a reasonable background in operating systems, because kernel programming and debugging are required.
Lab Description and Tasks (pdf)
Student FeedbacksTo help us understand how effectively this lab has enhanced students' learning in computer security, we asked students to fill out an anonymous survey right after they finish the lab. We started to conduct the survey since 2007. The survey results depicted in the following are aggregate results over several years.
Updated on 1/15/2008