Outline for March 13, 2006

Reading: text, §15.4, 26.3–26.3.2.1, 22.1–22.2

  1. Greetings and felicitations!
    1. Puzzle of the day
  2. MULTICS ring mechanism
    1. MULTICS rings: used for both data and procedures; rights are REWA
    2. (b1, b2) access bracket–can access freely; (b3, b4) call bracket–can call segment through gate; so if a’s access bracket is (32,35) and its call bracket is (36,39), then assuming permission mode (REWA) allows access, a procedure in:
      rings 0-31: can access a, but ring-crossing fault occurs
      rings 32-35: can access a, no ring-crossing fault
      rings 36-39: can access a, provided a valid gate is used as an entry point
      rings 40-63: cannot access a
    3. If the procedure is accessing a data segment d, no call bracket allowed; given the above, assuming permission mode (REWA) allows access, a procedure in:
      rings 0-32: can access d
      rings 33-35: can access d, but cannot write to it (W or A)
      rings 36-63: cannot access d
  3. Firewalls
    1. Filtering vs. proxy
    2. Access control mechanism
    3. DMZ, and inner and outer firewalls
  4. Malicious logic
    1. Quickly review Trojan horses, viruses, bacteria; include animal and Thompson's compiler trick

Version of March 13, 2006 at 9:18 PM

You can also obtain a PDF version of this.