Outline for September 27, 2021

Reading: text, §4.3–4.4, 2.1–2.2, 5.1
Due: Homework 1, due October 6; Project selection, due Oct 8

  1. Policy
    1. Mechanism vs. policy

  2. Types of Policies
    1. Military/government vs. confidentiality
    2. Commercial vs. integrity

  3. Types of Access Control
    1. Mandatory access control
    2. Discretionary access control
    3. Originator-controlled access control

  4. Access Control Matrix
    1. Commands and conditions: create•file, various flavors of grant•right to show conditions and nested commands
    2. Copy flag, own rights
    3. Principle of attenuation of privilege

  5. Goals of confidentiality policies

UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of September 27, 2021 at 3:14PM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh