Outline for January 8, 2003

Reading: Chapters 1, 13

Discussion Problem

This comes from a Microsoft web page entitled "Linux Myths." What do you think about Microsoft's criticisms of Linux? Specifically, does this argument demonstrate that Windows is more secure than Linux?

Myth: Linux is more secure than Windows NT.
Reality: The Linux security model is weak.

All systems are vulnerable to security issues; however, it's important to note that Linux uses the same security model as the original UNIX implementations--a model that was not designed from the ground up to be secure.

Outline for the Day

  1. Policy vs. mechanism
    1. Policy
    2. Mechanism
  2. Trust and Assumptions
  3. Types of mechanisms: secure, precise, broad
  4. Assurance
    1. Specification
    2. Design
    3. Implementation
    4. Maintenance and operation
  5. Operational Issues
    1. Cost-benefit analysis
    2. Risk analysis
    3. Laws and customs
  6. Human issues
    1. Organizational problems
    2. People problems
  7. Principles of Secure Design
    1. Principle of Least Privilege
    2. Principle of Fail-Safe Defaults
    3. Principle of Economy of Mechanism
    4. Principle of Complete Mediation
    5. Principle of Open Design
    6. Principle of Separation of Privilege
    7. Principle of Least Common Mechanism
    8. Principle of Psychological Acceptability
