Lecture 5, April 10

Reading: text, §13, [Bel07] (This is available in the Resources area of SmartSite; look in the folder “Handouts”)
Due: Homework #1, due April 12, 2013

Discussion question. Bureaucracies have their own version of the English language with which you must become familiar. To help you do so, here are some common phrases. See if you can translate them.

1. Scintillate, scintillate, asteroid minikin.
2. Members of an avian species of identical plumage congregate.
3. Surveillance should precede saltation.
4. Pulchritude possesses solely cutaneous profundity.
5. It is fruitless to become lachrymose over precipitately departed lacteal fluid.
6. Freedom from incrustations of grime is contiguous to rectitude.
7. The writing implement is more potent than the claymore.
8. It is fruitless to attempt to indoctrinate a superannuated canine with innovative maneuvers.
9. Eschew the implement of correction and vitiate the scion.
10. The temperature of the aqueous content of an unremittingly galled saucepan does not reach 212° Farenheit.

Lecture outline.

1. Greetings and felicitations!
   1. If you have not completed the prerequisites in an earlier term, please fill out the wavier form and send it to me — otherwise the department will drop you from the course!
2. Principles of secure design
   1. Principle of least privilege
   2. Principle of fail-safe defaults
   3. Principle of economy of mechanism
   4. Principle of complete mediation
   5. Principle of open design
   6. Principle of separation of privilege
   7. Principle of least common mechanism
   8. Principle of least astonishment
3. Penetration Studies
   1. Why? Why not direct analysis?
   2. Effectiveness
   3. Interpretation