Midterm Study Guide
This is simply a guide of topics that I consider fair game for the
midterm. I don’t promise to ask you about them all, or about any of
these in particular; but I may very well ask you about any of these.
- Fundamentals
- What is security?
- Basics of risk analysis
- Relationship of security policy to security
- Policy vs. mechanism
- Assurance and security
- Saltzer and Schroeder’s Principles of Secure Design
- Robust Programming
- Penetration Studies
- Flaw Hypothesis Methodology
- Using vulnerabilities models
- Vulnerabilities Models
- RISOS
- PA
- NRL
- Aslam
- Policies
- Mandatory Access Control (MAC)
- Discretionary Access Control (DAC)
- Originator-Controlled Access Control (ORCON)
- Role-Based Access Control (RBAC)
- Confidentiality Models
- Bell-LaPadula Model
- Lattices and the BLP Model
Version of February 5, 2006 at 9:45 PM