Outline for October 1, 2003

Reading: Robust Programming handout

Discussion Problem

A vendor informs a company that its system needs a patch installed to fix a security problem. The company obtains a copy of the patch, but does not install it immediately. Instead, it puts the patch onto a test system and begins testing the patch.

  a. Assuming the vendor had thoroughly tested the patch on its systems, why do you think the company does this?
  b. How might the company protect itself before the patch is distributed to all its systems?

Outline for the Day

  1. Principles of Secure Design (cont'd)
    1. Principle of Separation of Privilege
    2. Principle of Least Common Mechanism
    3. Principle of Psychological Acceptability
  2. Robust Programming
    1. Principles
    2. Fragile code's data structure
    3. Fragile code's creation, deletion of queues
    4. Robust code's tickets
    5. Robust code's creation, deletion of queues

