Outline for September 21, 2022

Reading: text, §1
Due: Homework 1, due October 5; Project selection, due Oct 7


  1. Class overview

  2. Basic components
    1. Confidentiality
    2. Integrity
    3. Availability

  3. Threats
    1. Snooping
    2. Modification
    3. Masquerading; contrast with delegation
    4. Repudiation of origin
    5. Denial of receipt
    6. Delay
    7. Denial of service

  4. Role of policy
    1. Example of student copying files from another
    2. Emphasize: policy defines security
    3. Distinguish between policy and mechanism

  5. Goals of security
    1. Prevention
    2. Detection
    3. Recovery

  6. Trust
    1. First problem: security mechanisms correctly implement security policy
    2. Second problem: policy does what you want; define secure, precise

  7. Operational issues; change over time
    1. Cost-benefit analysis
    2. Risk analysis (comes into play in cost-benefit too)
    3. Laws and customs

  8. Human Factors
    1. Organizational problems
    2. People problems (include social engineering)


UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of September 19, 2022 at 9:55PM

You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh