Description of the directory and security group structure

Reference no: EM131241908

This lab will be based on information taken from the following case study:

Evered, M. and Bogeholz, S., A case study in access control requirements for a health information system, Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation, 32, 53--61, 2004.

The case study is based on a Health Information System for an aged-care facility. The facility offers single room accommodation for some 30 residents.

Users - For this lab, we will use 10 users:

Gloria (Manager) [username: gloria]

Linda (Health Care Worker) [username: linda]

Ian (Health Care Worker) [username: ian]

Mary (Doctor) [username: mary]

Markus (Doctor) [username: markus]

Margaret (Patient) [username: margaret]

George (Patient) [username: george]

Russell (Patient) [username: russell]

Patricia (Patient) [username: patricia]

Mangle (admin/superuser) [username: amangle]

The audit scripts will be tested using the admin/super user.  All usernames must be as listed above for auditing purposes.

Data

-Personal Information

Static data entered into the system when a resident is admitted. This includes personal details such as name, sex, religion etc.; medical insurance information; medical information such as blood group, allergies etc.; contact details for the resident's doctor; contact details of a responsible person who is to be contacted in emergencies; and contact details for the person who, if the resident is not mentally capable, can make decisions and provide signatures on behalf of the resident.

-Care Plan

This is a working document that contains detailed information and instructions regarding the day-to-day care of the resident, e.g. assistance required with meals, hygiene etc. A care plan is started for each resident on admission and is updated on a regular basis. Old versions of the care plan are archived.

-Progress Notes

These are observational entries covering such aspects as physical mobility, appetite, behavior, mood and the general state of the resident. Progress notes are used to update the care plan. Progress notes older than one year are also archived.

-Medical Records

A number of different doctors visit the facility, with one doctor visiting each week on 'clinical day'. Residents can choose which of these doctors they wish to attend to them. The facility requires that each resident undergo a medical examination at least every six months and that medication is reviewed at least every three months. After each examination the doctor adds an entry to the medical records of the patient.

Access Rules

-Manager

Has the broadest access to the information, including access to personal, financial, clinical and medical information about each resident.

The manager has full control of past and present medical records and is the only person who can rename or delete records from the system.

Only the manager is allowed to edit personal information and to start or update the care plan of a resident. The care plan is updated in consultation with the resident or the responsible person.

Only the manager is allowed to delete the information about a resident but here also that right is restricted. Privacy laws require that the information be held for a certain period after a resident leaves the facility.

-Health Care Workers

Health care workers can view the care plan for each resident and add progress note entries based on their observations.

Access to emergency details is available for all staff.

Health care workers can view recent medical records of residents (up to one year old) but cannot normally view older medical information. For a special purpose, access to an older medical record can be sought and obtained from the manager.

-Doctors

Doctors have access to all the medical information of all residents and can add entries to their medical records.

Doctors can also add private notes about a resident, which, on the basis of doctor-patient confidentiality, are not visible to health care staff or the manager.

-Residents

Privacy laws require that a person should have full access to any information stored about them (unless the well-being of a third party would be jeopardized by revealing the information). Assume that residents have access to the information but must request any change to records to be made by the manager.

Normally a system like this would be implemented using a database but since this is an OS security lab for access control, we will assume that the system is to be implemented using a file system.  In this lab you will design a file system and access control structure to support this scenario. I would recommend first designing your directory tree structure and for each directory, design an access control list.  Feel free to work on the design in groups or one big group because this will likely require a number of perspectives.

Implementation-

Write a script to implement your file system. When the script is run it should create all directories, users, groups, and assign permissions based on your access control design. You can write your script to implement your access control scheme in either Linux or Windows. In Linux you should write a BASH script using the ACL package to set fine-grained permissions.

Deliverables:

You should prepare a report consisting of the following information:

1) A written description of the directory and security group structure that you used and evidence of its implementation in Linux. The policy has been given to you and the deliverable is the model.

a. A summary of the directory and security group

b. A diagram of the directory structure including groups structure

c. A diagram with the directory with groups and security structure

d. Supporting justification for b and c in written format to support the auditors and explain why the model was created

2) Your BASH script that sets up the directory structure, users, groups, and access structure. Building off your model from deliverable one, you will select the mechanism (Bash) and implement the model.

a. A script in BASH that will

i. Create users

ii. Place the users in the proper groups

iii. Create the directories for each user

iv. Create the access structure

v. Place blank files in each directory [test.txt]

3) Write about your experience implementing the ACLs.  Based on the set of permissions offered by the operating system, was it possible to implement all of the access control constraints required by the case study?

a. Details the challenges encountered and addressed when implementing ACL in at least two paragraphs

b. Details best practices for future implementations for classmates and future students

4) You will develop an audit script using BASH and perform an audit to verify the policies, models, and implementations are appropriate. A report must be submitted based on the reports of the audit, identifying where the results did correspond to the policy created in the first deliverable.

a. A script (BASH) that will automatically audit a system to determine if the implemented ACL meets the policy standard. This will be created off your interpretation of the policy/model but applied to someone else's system. The program should provide a pass/fail for each user. If all users pass, an overall pass score should be displayed; otherwise the audit will fail. This will be tested / implemented in class.
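
One way to structure the per-user pass/fail check in deliverable 4, as an added example that is not part of the original assignment: it evaluates `getfacl`-style text in the POSIX ACL check order (owner, named user, group entries capped by the mask, other). The directory path, the group names `managers`, `hcw` and `residents`, and the `POLICY` rows are assumptions made for this example, and the ACL text is a constructed sample so the script runs without root.

```bash
# Constructed sample: getfacl text for one resident's care-plan directory.
SAMPLE_ACL='# file: srv/his/margaret/care_plan
# owner: gloria
# group: managers
user::rwx
user:margaret:r-x
group::rwx
group:hcw:r-x
mask::r-x
other::---'
# Assumed policy rows: user, groups, bits that must work, one bit that must not.
POLICY='gloria managers rwx -
linda hcw rx w
margaret residents rx w
george residents - r'
grants() {  # grants PERMS MASK WANT: each r/w/x in WANT is in both PERMS and MASK
  local c; for c in r w x; do
    case $3 in *$c*) case $1:$2 in *$c*:*$c*) ;; *) return 1 ;; esac ;; esac
  done
}
acl_allows() {  # acl_allows USER "GROUPS" WANT ACL_TEXT, POSIX ACL check order
  local user="$1" groups=" $2 " want="$3" acl="$4" owner ogroup mask tag name perms hit=0
  owner=$(printf '%s\n' "$acl" | sed -n 's/^# owner: //p')
  ogroup=$(printf '%s\n' "$acl" | sed -n 's/^# group: //p')
  mask=$(printf '%s\n' "$acl" | sed -n 's/^mask::\([rwx-]*\).*/\1/p')
  while IFS=: read -r tag name perms; do perms=${perms%%[!rwx-]*}  # strip "#effective:" notes
    case $tag:$name in
      user:) [ "$user" = "$owner" ] || continue; grants "$perms" rwx "$want" && return 0; return 1 ;;
      user:"$user") grants "$perms" "${mask:-rwx}" "$want" && return 0; return 1 ;;
      group:*) case $groups in *" ${name:-$ogroup} "*) ;; *) continue ;; esac
               hit=1; grants "$perms" "${mask:-rwx}" "$want" && return 0 ;;
      other:) [ "$hit" -eq 0 ] && grants "$perms" rwx "$want" && return 0; return 1 ;;
    esac
  done <<EOF
$acl
EOF
  return 1
}
audit() {  # audit ACL_TEXT: PASS/FAIL per POLICY row, then an overall verdict
  local acl="$1" failed=0 user grp allow deny ok
  while read -r user grp allow deny; do
    ok=PASS; acl_allows "$user" "$grp" "$allow" "$acl" || ok=FAIL
    [ "$deny" = - ] || ! acl_allows "$user" "$grp" "$deny" "$acl" || ok=FAIL
    echo "$user: $ok"; [ "$ok" = PASS ] || failed=1
  done <<EOF
$POLICY
EOF
  [ "$failed" -eq 0 ] && echo "OVERALL: PASS" || echo "OVERALL: FAIL"; return "$failed"
}
audit "$SAMPLE_ACL"
```

On a live system the ACL text would come from running `getfacl` on each directory as the admin user. Because a user who matches any group entry never falls through to `other`, and the mask caps named-user and group entries but not the owner, an audit that only greps for expected lines can pass an ACL that still grants too much.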

Resources for Linux ACL package:

https://www.tecmint.com/secure-files-using-acls-in-linux/

Bash Scripting:

https://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO.html

https://www.tldp.org/LDP/abs/html/

PowerShell:

https://technet.microsoft.com/en-us/library/bb978526.aspx

https://www.powershellpro.com/

Only question 1 and 2 are required.
