## Integrity Levels for Subjects (e.g., programs, processes, threads, users) and objects (e.g., network addresses):
 * Benign Authentic (BA): 3
 * Benign (B): 2
 * Suspicious (SP): 1
 * Unknown (U): 0


## Confidentiality Levels for Objects (e.g., files, memory blocks):
 * Secret (SC): 3
 * Sensitive (SN): 2
 * Private (PR): 1
 * Public (PB): 0


## Breach Detection Policies:

* **Untrusted Execution (UE)**: A subject with a higher integrity level executes (loads) an object with a lower integrity level.

* **Suspicious Modification (SM)**: A subject with a lower integrity level modifies (content, attributes) an object with a higher confidentiality level.

* **Data Leak (DL)**: A low-integrity subject writes higher-confidentiality data to a low-integrity destination (e.g., an untrusted network address).

* **Sensitive Read (SR)**: A subject with a lower integrity level reads an object (e.g., a file) with a higher confidentiality level, or a subject with a higher integrity level reads from a network source (e.g., an IP address) with a lower integrity level.

# Question:

Write a simulation of this custom access control system to check the above breach detection policies.

In [27]:
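class Subject:
  """A program, process, thread or user with an integrity level."""

  def __init__(self, name, integrity_level):
    self.name = name
    self.integrity_level = integrity_level

  def read(self, obj):
    # ToDo: homework 2: 5pts
    # False (breach) when the subject's integrity level is below the
    # object's confidentiality level. Network addresses carry a
    # confidentiality level of -1, so they always pass this check.
    if self.integrity_level < obj.confidentiality_level:
      return False
    else:
      return True

  def write(self, obj):
    # ToDo: homework 2: 5pts
    # False (breach) when the subject's integrity level is below the
    # confidentiality level of the object being written.
    if self.integrity_level < obj.confidentiality_level:
      return False
    else:
      return True

  def execute(self, obj):
    # False (breach) when the subject's integrity level is above the
    # integrity level of what it executes.
    if self.integrity_level > obj.integrity_level:
      return False
    else:
      return True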



In [22]:
class Object:
  def __init__(self, name, confidentiality_level, integrity_level):
    self.name = name
    self.integrity_level = integrity_level
    self.confidentiality_level = confidentiality_level




In [23]:
# Subjects
firefox = Subject('Firefox.bin', 3)
bash = Subject('bash', 3)
sudo = Subject('sudo', 3)
cp = Subject('cp', 3)
myprogram = Subject('myprogram.cpp', 2)
downloaded = Subject('downloaded.py', 1)


# Objects: network addresses
IPA = Object('a.a.a.a:80', -1, 0)
IPB = Object('b.b.b.b.:80', -1, 0)
IPC = Object('c.c.c.c:80', -1, 3)

# Objects: files
File1 = Object('/etc/passwd', 3, -1)
File2 = Object('/home/alice/code.cpp', 2, -1)
File3 = Object('mycv.pdf', 0, -1)



In [4]:
# Untrusted execution check
def untrusted_execution_check(subj, obj):
  return subj.execute(obj)


False means a breach is detected.

In [29]:
# Suspicious modification detection
def suspicious_modification_check(subj, obj):
  return subj.write(obj)

In [30]:
# Data leak detection
def data_leak_check(subj, obj):
  return subj.write(obj)

In [31]:
# Sensitive read detection
def sensitive_read_check(subj, obj):
  return subj.read(obj)

In [26]:
# Use the following test cases to verify your code: you can re-write them as assertions if you want.

untrusted_execution_check(firefox,myprogram)
untrusted_execution_check(bash, sudo)
untrusted_execution_check(downloaded,myprogram)
data_leak_check(downloaded,IPB)
sensitive_read_check(myprogram,File1)
suspicious_modification_check(downloaded,File1)
sensitive_read_check(firefox,IPA)
untrusted_execution_check(bash,myprogram)
data_leak_check(firefox,IPB)
sensitive_read_check(myprogram,IPB)
sensitive_read_check(myprogram,IPC)
data_leak_check(firefox,IPC)
sensitive_read_check(downloaded,File3)
suspicious_modification_check(downloaded,File2)
suspicious_modification_check(myprogram,File1)



False

In [12]:
untrusted_execution_check(firefox,myprogram)

False

In [32]:
untrusted_execution_check(bash, sudo)

True

In [33]:
untrusted_execution_check(downloaded,myprogram)

True

In [34]:
data_leak_check(downloaded,IPB)

True

In [35]:
sensitive_read_check(myprogram,File1)

False

In [36]:
suspicious_modification_check(downloaded,File1)

False

In [37]:
sensitive_read_check(firefox,IPA)

True

In [38]:
untrusted_execution_check(bash,myprogram)

False

In [39]:
data_leak_check(firefox,IPB)

True

In [40]:
sensitive_read_check(myprogram,IPB)

True

In [41]:
sensitive_read_check(myprogram,IPC)

True

In [42]:
data_leak_check(firefox,IPC)

True

In [43]:
sensitive_read_check(downloaded,File3)

True

In [44]:
suspicious_modification_check(downloaded,File2)

False

In [45]:
suspicious_modification_check(myprogram,File1)


False
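
The four breach detection policies listed at the top of this notebook can also be checked per event, keeping files and network addresses apart and giving the data leak check both the data and its destination. The following is an added example, not part of the original notebook: `Entity`, `breach`, `audit`, the `LOW` threshold and the three-part `send` event are assumptions made here, and the entities and events are constructed samples, so its results for network reads need not match the outputs recorded above.

```python
from dataclasses import dataclass
from typing import Optional

LOW = 1  # assumption: "low integrity" means Suspicious (1) or Unknown (0)

@dataclass(frozen=True)
class Entity:
    name: str
    integrity: Optional[int] = None        # None: level does not apply
    confidentiality: Optional[int] = None  # None: level does not apply

def breach(op, subj, obj, dest=None):
    """Return the policy tag (UE, SM, SR, DL) one event violates, or None."""
    if op == "execute" and obj.integrity is not None:
        return "UE" if subj.integrity > obj.integrity else None
    if op == "modify" and obj.confidentiality is not None:
        return "SM" if subj.integrity < obj.confidentiality else None
    if op == "read" and obj.confidentiality is not None:  # file, memory block
        return "SR" if subj.integrity < obj.confidentiality else None
    if op == "read" and obj.integrity is not None:        # network source
        return "SR" if subj.integrity > obj.integrity else None
    if op == "send" and dest is not None and obj.confidentiality is not None:
        # assumption: data is "higher confidentiality" when its level
        # exceeds the destination's integrity level
        leak = (subj.integrity <= LOW and dest.integrity <= LOW
                and obj.confidentiality > dest.integrity)
        return "DL" if leak else None
    return None

def audit(events):
    """Return (op, subject, object, tag) for every event that breaches."""
    out = []
    for op, subj, obj, *dest in events:
        tag = breach(op, subj, obj, *dest)
        if tag:
            out.append((op, subj.name, obj.name, tag))
    return out

# Constructed sample entities reusing the notebook's names and levels
firefox = Entity("Firefox.bin", integrity=3)
myprogram = Entity("myprogram.cpp", integrity=2)
downloaded = Entity("downloaded.py", integrity=1)
ip_a = Entity("a.a.a.a:80", integrity=0)
passwd = Entity("/etc/passwd", confidentiality=3)
cv = Entity("mycv.pdf", confidentiality=0)

EVENTS = [("execute", firefox, myprogram), ("read", firefox, ip_a),
          ("modify", myprogram, passwd), ("send", downloaded, passwd, ip_a),
          ("send", downloaded, cv, ip_a), ("send", firefox, passwd, ip_a)]
```

Calling `audit(EVENTS)` returns only the breaching events, each tagged with the policy it violates.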