Notes for February 19, 1997
- Turn back midterms. mean was 70.
- When HW 2 returned (by Friday, I hope!) I'll also hand out a note
saying how you're doing.
- Puzzle of the day
Key problem: how do you know it's really the student taking the test?
Cameras, keystroke identification, etc.
- Malicious logic
Quickly review Trojan horses, viruses, bacteria
- orms (Schoch and Hupp)
- Review trust and TCB
- Notion is informal
- Assume trusted components called by untrusted programs
- Ideal: program to detect malicious logic
- Can be shown: not possible to be precise in most general case
- Can detect all such programs if willing to accept false positives
- Can constrain case enough to locate specific malicious logic
- Can use: writing, structural detection (patterns in code), common
code analyzers, coding style analyzers, instruction analysis
(duplicting OS), dynamic analysis (run it in controlled environment and
- Best approach: data, instruction typing
- On creation, it's type "data"
- Trusted certifier must move it to type "executable"
- UNIX idea: executable bit is "certified as executable"
and must be set by trusted user (Duff)
- Practise: blocking writing to communicate information or do damage
- Limit writing (use of MAC if available; show how to arrange system
You can also see this document as a
Binhex Framemaker version 5 document,
plain ASCII text document.
Send email to
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 2/20/97