Outline for February 23, 1999

1.	Greetings and felicitations!

2.	Information flow

a.	Deals with right to disseminate information.

b.	Assume lattice-structured information flow policy (› la BLP); represent as (SC, )

c.	Explicit vs. implicit information flows

3.	Program statements; define when "secure"

a.	assignment

b.	compound

c.	alternation

d.	iteration

e.	function call

f.	composition of above; show compile/parse tree

4.	Give examples (copy)

5.	Execution-Based with Fixed Classes

a.	verify flows at times of explicit assignment to object

b.	cannot report attempted security violations

6.	Execution-Based with Variable Classes

a.	change variable's class to allow flow

b.	fails for implicit

7.	Compiler-Based Mechanisms

a.	assures secure execution of each statement

b.	may reject secure mechanisms (not precise)

c.	procedures

d.	arrays

e.	gotos (blocks)

f.	errors

8.	Flow verification