Outline for January 27, 2003

Reading: text, §2, 3.1-3.2

Discussion Problem

Saul Alinsky illustrated one of his rules of tactics for an organizer with the following example:

The third rule is: Whenever possible go outside of the experience of the enemy. Here you want to cause confusion, fear, and retreat.

General William T. Sherman, whose name still causes a frenzied reaction throughout the South, provided a classic example of going outside the enemy's experience. Until Sherman, military tactics and strategies were based on standard patterns. All armies had fronts, rears, flanks, lines of communication, and lines of supply. Military campaigns were aimed at such standard objectives as rolling up the flanks of the enemy army or cutting the lines of supply or lines of communication, or moving around to attack from the rear. When Sherman cut loose on his famous March to the Sea, he had no front or rear lines of supplies or any other lines. He was on the loose and living on the land. The South, confronted with this new form of military invasion, reacted with confusion, panic, terror, and collapse. Sherman swept on to inevitable victory. It was the same tactic that, years later in the early days of World War II, the Nazi Panzer tank divisions emulated in their far-flung sweeps into enemy territory, as did our own General Patton with the American Third Armored Division.1

What does this have to do with computer security?

Outline for the Day

  1. Access Control Matrix
    1. Subjects, objects, and rights
    2. Primitive commands: create subject/object, enter right, delete right, destroy subject/object
    3. Copy flag
    4. Attenuation of privileges
  2. HRU Result
    1. Notion of leakage in terms of ACM
    2. Determining security of a generic ystem with generic rights is undecidable
    3. Meaning: can't derive a generic algorithm; must look at (sets of) individual cases

1 Saul Alinsky, Rules for Radicals, Random House, Inc., New York, NY (1972) pp. 127-128.


Here is a PDF version of this document.