Outline for January 8, 2007

  1. Greetings and Felicitations!
  2. Miscellaneous points
    1. Copy flag and right
    2. Own as a special right
    3. Principle of attenuation of privilege
  3. What is the safety question?
    1. An unauthorized state is one in which a generic right r could be leaked into an entry in the ACM that did not previously contain r. An initial state is safe for r if it cannot lead to a state in which r could be leaked.
    2. Question: in a given arbitrary protection system, is safety decidable?
    3. Theorem: there is an algorithm that decides whether a given mono-operational system and initial state is safe for a given generic right.
  4. General case: It is undecidable whether a given state of a given protection system is safe for a given generic right.
    1. Represent TM as ACM
    2. Reduce halting problem to it
  5. Take-Grant
    1. Counterpoint to HRU result
    2. Symmetry of take and grant rights
    3. Islands (maximal subject-only tg-connected subgraphs)
    4. Bridges (as a combination of terminal and initial spans)

Here is a PDF version of this document.