Outline for May 12, 1997

  1. Greetings and Felicitations
    1. Please remember to give me write-ups of your vulnerabilities, both what worked and what didn't, in the format discussed earlier
  2. Take-Grant
    1. Show bridges (as a combination of terminal and initial spans)
    2. Show islands (maximal subject-only tg-connected subgraphs)
    3. can*share(r, x, y, G0) iff there is an edge from x to y labelled r in G0, or all of the following hold: (1) there is a vertex y'' with an edge from y' to y labelled r; (2) there is a subject y' which terminally spans to y'', or y' = y''; (3) there is a subject x' which initially spans to x, or x' = x; and (4) there is a sequence of islands I1, ..., In connected by bridges for which x' is in I1 and y' is in In .
    4. Describe can*steal; don't state theorem
  3. Lattice models
    1. poset, <= the relation
    2. highest and lowest
    3. Set of classes SC is a partially ordered set under relation <= with GLB (greatest lower bound), LUB (least upper bound) operators
    4. Note: is reflexive, transitive, antisymmetric
    5. Examples: (A, C) <= (A', C') iff A <= A' and C is a subset of C'; LUB((A, C), (A', C')) = (max(A, A'), union(C, C')) GLB((A, C), (A', C')) = (min(A, A'), intersection(C, C'))
  4. Bell-LaPadula (informal)
    1. Go through security levels, categories, compartments
    2. Describe simple security property (no reads up) and *-property (no writes down)
    3. State Basic Security Theorem: if it's secure and transformations follow these rules, it's still secure

Notes by Jeff Rowe:
You can get this document in Postscript, ASCII text, or Framemaker version 5.1.
Send email to cs253@csif.cs.ucdavis.edu.

Department of Computer Science
University of California at Davis
Davis, CA 95616-8562



Page last modified on 4/4/97