CS5430 Homework 5: Reference Monitors (and beyond!)

General Instructions. Work individually --- do not work with other CS5430 students on this assignment. Collaborating on this assignment with another CS5430 student will be treated as an academic integrity violation.

Due: November 17, 2020 at 10:00am. No late assignments will be accepted.

Submit your solution as .pdf using CMS. Typset answers, using 10 point or larger font. All answers should be in a single file containing at most 5 pages.


This assignment has you reading a technical paper from the cyber-security literature and answering questions about the material it covers. There are two goals. First, the assignment will give you experience reading a technical paper from the literature. Second, mastering the content of this paper will give you a deeper understanding of material we have been discussing in class.

Your grade on this assignment will depend on the following.


Answer the following questions based on your understanding of the following paper.

Question 1. What do the authors mean by "language-based security"?

Question 2. What arguments were operating systems developers using circa 2000 to justify having a large kernel.

Question 3. How could fine-grained protection domains have been useful for defending against Melissa?

Question 4. What problems arise from running a reference monitor in a separate address space from the target system it monitors.

Question 5. What informal justification do the authors suggest for concluding that program analysis is a more-powerful enforcement mechanism than reference monitors?

Question 6. Give two advantages of applying IRM enforcement to high-level language programs rather than applying IRM enforcement to assembly language programs.

Question 7. What is the Java analog of TAL, and why would the authors see them as being analogous?

Question 8. In this paper, what is seen as the primary disadvantage of building systems by using a high-level language and how can that disadvanage be overcome?