Notes for October 5, 1998
Greetings and Felicitations!
Web site up; some errors in General Information (John Hughes' mailing address) are fixed there
John's hours: M1-3, Tu 3-4; mine, MWF 11-12. Ask if anyone can't make these.
No class Wednesday, but discussion section then. (My office hrs cancelled then!)
No office hours today; interviewing prospective admin assistant for the lab
The telnetd is the same size as the Bourne shell. So, it may have been replaced by the Bourne shell ...
How do you design a security policy?
Analysis of other factors:
What are the threats?
How likely are they to arise?
How can they best be dealt with?
Analysis of other factors
What else affects the policy (federal or state law, needs, etc.)?
Law: as above; discuss jurisdiction (federal or local), problems (authorities' lack of knowledge about computers, etc.); chain of evidence
Discuss cryptographic software controls (here, France, etc.)
What procedures need to be put in place, and how will they affect security?
Principle of Psychological Acceptability (note: illegal violates this)
Principle of common sense (it's not common; more when we discuss robust programming)
Principle of Psychological Acceptability
Principle of Least Privilege
Principle of Fail-Safe Defaults
Principle of Economy of Mechanism (KISS principle, redone)
Principle of Complete Mediation
Principle of Separation of Privilege
Principle of Least Common Mechanism
Principle of Open Design
You can also see this document
in its native format
in ASCII text
Send email to
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 10/5/98