Outline for October 1, 2003
Reading: Robust Programming handout
A vendor informs a company that its system needs a patch installed
to fix a security problem. The company obtains a copy of the patch,
but does not install immediately. Instead, it puts the patch onto
a test system and begins testing the patch
- a. Assuming the vendor had thoroughly tested the patch on its
systems, why do you think the company does this?
- b. How might the company protect itself before the patch is
distributed to all its systems?
Outline for the Day
- Principles of Secure Design (con't)
- Principle of Separation of Privilege
- Principle of Least Common Mechanism
- Principle of Psychological Acceptability
- Robust Programming
- Fragile code's data structure
- Fragile code's creation, deletion of queues
- Robust code's tickets
- Robust code's creation, deletion of queues
Here is a PDF version of this document.