Lecture 10 Outline

Reading: text, §4; [War70]
Due: Homework 3, on May 9

  1. Greetings and felicitations!
    1. Midterm is Tuesday, May 2, in class
    2. Homework 3 is available and is due in 2 weeks, on May 9.
  2. Policy
    1. Sets of authorized, unauthorized states
    2. Secure systems in terms of states
    3. Mechanism vs. policy
  3. Types of Policies
    1. Military/government vs. confidentiality
    2. Commercial vs. integrity
  4. Types of Access Control
    1. Mandatory access control
    2. Discretionary access control
    3. Originator-controlled access control
    4. Attribute-based access control
  5. High-level policy languages
    1. Characterization
    2. Example: Ponder
  6. Low-level policy languages
    1. Characterization
    2. Example: tripwire configuration file
  7. Policies in natural language

Discussion question. Bureaucracies have their own version of the English language with which you must become familiar. To help you do so, here are some common phrases. See if you can translate them.
  1. Scintillate, scintillate, asteroid minikin.
  2. Members of an avian species of identical plumage congregate.
  3. Surveillance should precede saltation.
  4. Pulchritude possesses solely cutaneous profundity.
  5. It is fruitless to become lachrymose over precipitately departed lacteal fluid.
  6. Freedom from incrustations of grime is contiguous to rectitude.
  7. The writing implement is more potent than the claymore.
  8. It is fruitless to attempt to indoctrinate a superannuated canine with innovative maneuvers.
  9. Eschew the implement of correction and vitiate the scion.
  10. The temperature of the aqueous content of an unremittingly galled saucepan does not reach 212° Farenheit.
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153, Computer Security
Version of April 27, 2016 at 11:30PM

You can also obtain a PDF version of this.