March 9, 2023 Outline

Reading: text, §18.3.3, 14, 31.1–31.4
Assignments: Homework #4, due March 14

  1. Mitigating covert channels
    1. Preallocation and hold until process terminates
    2. Impose uniformity
    3. Randomize resource allocation
    4. Efficiency/performance vs. security

  2. Principles of secure design
    1. Principle of least privilege
      1. Principle of least privilege
    2. Principle of fail-safe defaults
    3. Principle of economy of mechanism
    4. Principle of complete mediation
    5. Principle of open design
    6. Principle of separation of privilege
    7. Principle of least common mechanism
    8. Principle of least astonishment
      1. Principle of psychological acceptability

  3. Program security
    1. The program
    2. Requirements analysis
    3. Design
    4. First level refinement
    5. Second level refinement
    6. Error handling

Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235B, Foundations of Computer and Information Security
Version of March 10, 2023 at 1:41PM

