Notes for October 1, 1999 1. Greetings and Felicitations! a. Go through handouts, class rules 2. Puzzle of the day 3. How do you design a security policy? a. Risk analysis b. Analysis of other factors: c. Procedures 4. Risk analysis a. What are the threats? b. How likely are they to arise? c. How can they best be dealt with? 5. Analysis of other factors a. What else affects the policy (federal or state law, needs, etc.)? b. Law: as above; discuss jurisdiction (federal or local), problems (authorities' lack of knowledge about com- puters, etc.); chain of evidence c. Discuss cryptographic software controls (here, France, etc.)