Outline for January 10, 2003
Reading: Chapters 13, 23.1-23.2
Bureaucracies have their own version of the English language with which you must become familiar. To help you do so, here are some common phrases. See if you can translate them.
Scintillate, scintillate, asteroid minikin.
Members of an avian species of identical plumage congregate.
Surveillance should precede saltation.
Pulchritude possesses solely cutaneous profundity.
It is fruitless to become lachrymose over precipitately departed lacteal fluid.
Freedom from incrustations of grime is contiguous to rectitude.
The writing implement is more potent than the rapier.
It is fruitless to attempt to indoctrinate a superannuated canine with innovative maneuvers.
Eschew the implement of correction and vitiate the scion.
The temperature of the aqueous content of an unremittingly galled saucepan does not reach 212 degrees Farenheit.
Upon vacating these premises all illuminations are to be extinguished.
Outline for the Day
- Principles of Secure Design
- Principle of Least Privilege
- Principle of Fail-Safe Defaults
- Principle of Economy of Mechanism
- Principle of Complete Mediation
- Principle of Open Design
- Principle of Separation of Privilege
- Principle of Least Common Mechanism
- Principle of Psychological Acceptability
- Penetration Studies
- Why? Why not direct analysis?
- Flaw Hypothesis Methodology
- System analysis
- Hypothesis generation
- Hypothesis testing
- System Analysis
- Learn everything you can about the system
- Learn everything you can about operational procedures
- Compare to other systems
- Hypothesis Generation
- Study the system, look for inconsistencies in interfaces
- Compare to other systems' flaws
- Compare to vulnerabilities models
- Hypothesis testing
- Look at system code, see if it would work (live experiment may be unneeded)
- f live experiment needed, observe usual protocols
- See if other programs, interfaces, or subjects/objects suffer from the same problem
- ee if this suggests a more generic type of flaw
- Peeling the Onion
- You know very little (not even phone numbers or IP addresses)
- You know the phone number/IP address of system, but nothing else
- You have an unprivileged (guest) account on the system.
- You have an account with limited privileges.
- Example Penetration Studies
- Michigan Terminal System
- Burroughs System
- Attacking the Organization Directly
Here is a PDF version of this document.