Notes for February 21, 1997

  1. Hello
  2. Puzzle of the day
    1. Bob's mail box is a symbolic link to the password file
    2. Bob also owns cheryl's mail box
  3. Practise: blocking writing to communicate information or do damage
    1. Limit writing (use of MAC if available; show how to arrange system executables); review quickly
    2. Isolation
    3. Quarantine
  4. Trust
    1. Untrusted software: what is it, example (USENET)
    2. Check source, programs (what to look for); C examples
    3. Limit who has access to what
    4. Your environment (how do you know what you're executing); UNIX examples
    5. Least privilege; above with root
  5. Practise: detecting writing
    1. Integrity check files à la binaudit, tripwire; go through signature block
    2. LOCUS approach: encipher program, decipher as you execute.
    3. Co-processors: checksum each sequence of instructions, compute checksum as you go; on difference, complain
  6. Lattice Model
    1. Set of classes SC is a partially ordered set under relation ¾ with GLB (greatest lower bound), LUB (least upper bound) operators
    2. Note: is reflexive, transitive, antisymmetric
Send email to cs153@csif.cs.ucdavis.edu.

Department of Computer Science
University of California at Davis
Davis, CA 95616-8562


Page last modified on 2/27/97