March 4, 2014 Outline

Reading: § 16, 17
Assignment due: Homework #3, due March 4, 2014
Project: due March 21, 2014

  1. Compiler-based flow mechanisms (con’t)
    1. Exceptions and infinite loops
    2. Semaphores
    3. Cobegin/coend
    4. Soundness
  2. Execution-based flow mechanisms
    1. Fenton’s Data Mark Machine
    2. Variable classes
  3. Examples
    1. Security pipeline interface
    2. Secure network server mail guard
  4. Confinement problem
    1. What it is
    2. Covert channels
    3. Rule of transitive confinement
    4. Difficulty of preventing leaking
  5. Isolation: virtual machines
    1. What it is
    2. Example: KVM/370
    3. Example: VAX/VMM
  6. Isolation: sandboxes
    1. What it is
    2. Adding mechanisms to libraries or kernel
    3. Modify program or process to be executed
    4. Example: Janus
You can also obtain a PDF version of this. Version of February 28, 2014 at 4:53PM