Notes for February 2, 1998

1. Greetings and felicitations!
   a. Reading: Pfleeger, pp. 228-253; Garfinkel & Spafford, pp. 71-137
2. Puzzle
   a. Point is that root introduces a security flaw by its existence; secure systems don't have them
3. User identification
   a. Go through UNIX idea of "real", "effective", "saved", "audit"
   b. Go through notion of "role" accounts; cite Secure Xenix, DG, etc.
   c. Go through PPNs (TOPS-10) and groups
   d. Review least privilege
4. Privilege in Languages
   a. Nesting program units
   b. Temporary upgrading of privileges
5. Different forms of access control
   a. UNIX method
   b. ACLs: describe, revocation issue
   [ ended here ]
   c. MULTICS rings: (b1, b2) access bracket - can access freely; (b2, b3) call bracket - can call segment through gate; so (4, 6, 9) as example
   d. Capabilities: file descriptors in UNIX
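
Added example (not part of the original notes): a small model of the ring-bracket check in item 5c, run over the (4, 6, 9) segment. The names Segment, check_call and sweep and the gate name "gate_entry" are made up here; treating ring b2 itself as inside the access bracket is an assumption, and rings below b1, which the notes do not cover, are reported separately rather than decided.

```python
from dataclasses import dataclass, field
from enum import Enum


class Decision(Enum):
    DIRECT = "in access bracket: access freely"
    VIA_GATE = "in call bracket: entered through a gate"
    DENIED_NOT_GATE = "in call bracket: entry point is not a gate"
    DENIED_OUTSIDE = "above call bracket: no access"
    BELOW_BRACKET = "below access bracket: not covered by the notes"


@dataclass(frozen=True)
class Segment:
    b1: int  # bottom of access bracket
    b2: int  # top of access bracket, bottom of call bracket
    b3: int  # top of call bracket
    gates: frozenset = field(default_factory=frozenset)  # constructed gate names

    def __post_init__(self):
        if not (0 <= self.b1 <= self.b2 <= self.b3):
            raise ValueError("brackets must satisfy 0 <= b1 <= b2 <= b3")


def check_call(ring: int, seg: Segment, entry: str) -> Decision:
    """Decide what a caller running in `ring` may do with `seg` at `entry`."""
    if ring < 0:
        raise ValueError("ring numbers are non-negative")
    if ring < seg.b1:
        return Decision.BELOW_BRACKET      # case the notes leave open
    if ring <= seg.b2:                     # assumption: b2 counts as access bracket
        return Decision.DIRECT
    if ring <= seg.b3:                     # call bracket: only gates are callable
        if entry in seg.gates:
            return Decision.VIA_GATE
        return Decision.DENIED_NOT_GATE
    return Decision.DENIED_OUTSIDE


def sweep(seg: Segment, entry: str, rings=range(0, 12)) -> dict:
    """Map every ring in `rings` to its decision, to show where the brackets fall."""
    return {r: check_call(r, seg, entry) for r in rings}


if __name__ == "__main__":
    example = Segment(4, 6, 9, frozenset({"gate_entry"}))  # the (4, 6, 9) segment
    for entry in ("gate_entry", "internal"):
        for ring, decision in sweep(example, entry).items():
            print(f"ring {ring:2d} -> {entry:10s}: {decision.value}")
```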