February 27, 2019 Outline

Reading: text, §17, 14
Due: Homework 4, due March 8, 2019


  1. Compiler-based flow mechanisms
    1. Exceptions and infinite loops
    2. Semaphores
    3. Cobegin/coend
    4. Soundness
  2. Execution-based flow mechanisms
    1. Fenton’s Data Mark Machine
    2. Variable classes
  3. Examples
    1. Android taint analysis
    2. Firewalls
  4. Principles of secure design
    1. Principle of least privilege
    2. Principle of fail-safe defaults
    3. Principle of economy of mechanism
    4. Principle of complete mediation
    5. Principle of open design
    6. Principle of separation of privilege
    7. Principle of least common mechanism
    8. Principle of least astonishment

Matt Bishop
Office: 2209 Watershed Science
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
Version of February 26, 2019 at 5:05PM