Outline for January 29, 2003
Reading: text, §2, 3.1-3.2
A company by the fictitious but real-sounding name of PC Surveys sent me
a program that collects statistical information about the programs I
use, the frequency with which I use them, the commands I execute within
them, and the size of the documents I use them on. When enough data is
collected, the program will connect to the PC Surveys web site, and
download the data using an enciphered link. The program would continue
collecting and transmitting this data for a year. In exchange, each
month I would receive a gift worth $10, and after 1 year they would give
me a game of my choice (list price not to exceed $39.95).
Two of my children think this is a great idea. My spouse, and my other
child, think it isn't.
What do you think?
If it's a bad idea for me to install this program, what could the
company do to convince me it's okay?
Outline for the Day
- Access Control Matrix
- Copy flag
- Attenuation of privileges
- HRU Result
- Notion of leakage in terms of ACM
- Determining security of a generic system with
generic rights is undecidable
- Meaning: can't derive a generic algorithm; must
look at (sets of) individual cases
- Sets of authorized, unauthorized states
- Secure systems in terms of states
- Mechanism vs. policy
- Types of Policies
- Military/government vs. confidentiality
- Commercial vs. integrity
- Types of Access Control
- Mandatory access control
- Discretionary access control
- Originator-controlled access control
- High-Level Policy Languages
- Example: DTEL
- Low-Level Policy Languages
- Example: Tripwire configuration file
Here is a PDF version of this document.