Outline for November 19, 2003
Reading: Chapter 18
You discover a security flaw in the operating system on your company's
computer. The flaw enables any user to read any other user's files,
regardless of their protection. You have several choices: you can
keep quiet and hope no-one else discovers the flaw, or tell the
company, or tell the system vendor, or announce it on the Internet.
1. Suppose an exploitation of the vulnerability could be prevented
by proper system configuration. Which of the above courses of action
would you take, and why?
2. If an exploitation of the vulnerability could be detected (but
not prevented) by system administrators, how would this change your
answer to question 1?
3. Now suppose no exploitation of the vulnerability can be detected
or prevented. Would this change your answer, and if so, how?
Outline for the Day
- Trustworthy entities
- Security assurance
- Trusted system
- Why assurance is needed
- Assurance and software life cycle
- Building trusted systems
- Stage 1: conception
- Stage 2: manufacture