Outline for September 26, 2021

Reading: text, §4.3–4.4, 2.1–2.2, 5.1
Due: Homework 1, due October 5; Project selection, due Oct 7

  1. Types of Policies
    1. Military/government vs. confidentiality
    2. Commercial vs. integrity

  2. Access Control Matrix
    1. Commands, nesting, and conditions
      1. create subject
      2. create object
      3. destroy subject
      4. destroy object
      5. enter r into A[s, o]
      6. delete r from A[s, o]
    2. Copy flag, own rights
    3. Principle of attenuation of privilege

  3. Undecidability result

  4. Goals of confidentiality policies

  5. Bell-LaPadula Model with levels only
    1. Security levels
    2. Simple security property
    3. *-property
    4. Discretionary security property
    5. Simplified version of the Basic Security Theorem
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of September 26, 2022 at 3:39PM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh