Outline for October 18, 2006
: §23.4, 2
Greetings and felicitations!
Puzzle of the day
Goal: Treat vulnerabilities as faults
Coding faults: introduced during software development
Emergent faults: introduced by incorrect initialization, use, or application
Introduced decision procedure to classify vulnerabilities in exactly one category
Access Control Matrix
Subjects, objects, and rights
Primitive commands: create subject/object, enter right, delete right, destroy subject/object
Commands and conditions: create-file, various flavors of grant-right to show conditions and nested commands
Attenuation of privileges
You can also obtain a PDF version of this.
Version of October 19, 2006 at 7:42 PM