Outline for May 3, 2013

Reading: §8.1–8.2, [KR02] (This is available in the Resources area of SmartSite; look in the folder “Handouts”)
Due: Homework #3, due May 10, 2013
  1. Cryptographic Key Infrastructure
    1. Certificates (X.509, PGP)
  2. Problem with instantiation of Bell-LaPadula Model
    1. Covert channel example: what is “writing”?
    2. Composition of lattices
    3. Principles of autonomy and security
  3. Deterministic noninterference
    1. Model of system
    2. Example
    3. Relationship of output to states
    4. Projections and purge functions

Table of Notation

notation   meaning
$S$   set of subjects $s$
$\Sigma$   set of states $\sigma$
$O$   set of outputs $o$
$Z$   set of commands $z$
$C$   set of state transition commands $(s, z)$, where subject $s$ executes command $z$
$C^*$   set of possible sequences of commands $c_0, \ldots, c_{ni}$
$\nu$   empty sequence
$c_s$   sequence of commands
$T(c, \sigma_i)$   resulting state when command $c$ is executed in state $\sigma_i$
$T^*(c_s, \sigma_i)$   resulting state when command sequence $c_s$ is executed in state $\sigma_i$
$P(c, \sigma_i)$   output when command $c$ is executed in state $\sigma_i$
$P^*(c_s, \sigma_i)$   output when command sequence $c_s$ is executed in state $\sigma_i$
$\mathrm{proj}(s, c_s, \sigma_i)$   set of outputs in $P^*(c_s, \sigma_i)$ that subject $s$ is authorized to see
$\pi_{G,A}(c_s)$   subsequence of $c_s$ with all elements $(s, z)$, $s \in G$ and $z \in A$, deleted
$\mathrm{dom}(c)$   protection domain in which $c$ is executed
$\sim^{\mathrm{dom}(c)}$   equivalence relation on system states
$\pi'_d(c_s)$   analogue to $\pi$ above, but with protection domain and subject included

Version of May 2, 2013 at 8:21PM