Outline for January 4, 2016

Reading: text, §1
Assignments due: Presentation paper selection, Jan. 22; Project selection, Jan. 22

  1. Class overview
  2. Basic components
    1. Confidentiality
    2. Integrity
    3. Availability
  3. Threats
    1. Snooping
    2. Modification
    3. Masquerading; contrast with delegation
    4. Repudiation of origin
    5. Denial of receipt
    6. Delay
    7. Denial of service
  4. Role of policy
    1. Example of student copying files from another
    2. Emphasize: policy defines security
    3. Distinguish between policy and mechanism
  5. Goals of security
    1. Prevention
    2. Detection
    3. Recovery
  6. Trust
    1. First problem: security mechanisms correctly implement security policy
    2. Second problem: policy does what you want; define secure, precise
  7. Operational issues; change over time
    1. Cost-benefit analysis
    2. Risk analysis (comes into play in cost-benefit too)
    3. Laws and customs
  8. Human Factors
    1. Organizational problems
    2. People problems (include social engineering)

You can also obtain a PDF version of this. Version of January 18, 2016 at 11:28AM