Lecture 9 Outline

Reading: text, §4.1*–4.5*
Assignments: Homework 2, due Oct. 17; Lab 2, due Oct. 19


  1. Greetings and felicitations!
  2. Puzzle of the Day
  3. Policy
    1. Sets of authorized, unauthorized states
    2. Secure systems in terms of states
    3. Mechanism vs. policy
  4. Types of Policies
    1. Military/government vs. confidentiality
    2. Commercial vs. integrity
  5. Types of Access Control
    1. Mandatory access control
    2. Discretionary access control
    3. Originator-controlled access control
  6. High-level policy languages
    1. Characterization
    2. Example: DTEL
  7. Low-level policy languages
    1. Characterization
    2. Example: tripwire configuration file

You can also obtain a PDF version of this. Version of October 9, 2016 at 10:56PM