Outline for September 29, 2023

Reading: text, §14, 4.1–4.2
Due: Homework 1, due October 9; Project teams, question, due Oct 11

  1. Principles of secure design
    1. Bases: simplicity, restrictiveness
    2. Principle of least privilege
      1. Principle of least authority
    3. Principle of fail-safe defaults
    4. Principle of economy of mechanism
    5. Principle of complete mediation
    6. Principle of open design
    7. Principle of separation of privilege
    8. Principle of least common mechanism
    9. Principle of least astonishment
      1. Principle of psychological acceptability

  2. Policy
    1. Sets of authorized, unauthorized states
    2. Secure systems in terms of states
    3. Defining confidentiality, integrity, availability
    4. Policy models and mechanisms
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of October 2, 2023 at 11:07AM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh