Outline for May 3, 2013

Reading: §8.1–8.2, [KR02] (This is available in the Resources area of SmartSite; look in the folder “Handouts”)
Due: Homework #3, due May 10, 2013

Cryptographic Key Infrastructure
1. Certificates (X.509, PGP)
Problem with instantiation of Bell-LaPadula Model
1. Covert channel example: what is “writing”?
2. Composition of lattices
3. Principles of autonomy and security
Deterministic noninterference
1. Model of system
2. Example
3. Relationship of output to states
4. Projections and purge functions

Table of Notation

notation		meaning
S		set of subjects s
Σ		set of states σ
O		set of outputs o
Z		set of commands z
C		set of state transition commands (s, z), where subject s executes command z
C^*		set of possible sequences of commands c₀, …, c_{n_i}
ν		empty sequence
c_s		sequence of commands
T(c, σ_i)		resulting state when command c is executed in state σ_i
T^*(c_s, σ_i)		resulting state when command sequence c_s is executed in state σ_i
P(c, σ_i)		output when command c_{is executed in state σ_i}
P^(c_s*, σ_i)		output when command sequence c_s is executed in state σ_i
proj(s, c_s, σ_i)		set of outputs in P^(c_s*, σ_i) that subject s is authorized to see
π_G,A(c_s)		subsequence of c_s with all elements (s, z), s ∈ G and z ∈ A deleted
dom(c)		protection domain in which c is executed
~^dom(c)		equivalence relation on system states
π′_{d(c_s)}		analogue to π above, but with protection domain and subject included

You can also obtain a PDF version of this.

Version of May 2, 2013 at 8:21PM