Outline for January 23, 2006

Reading : text, §13, 23

  1. Greetings and felicitations!
    1. Puzzle of the day
  2. Common Implementation Vulnerabilities
    1. Not resetting privileges (Purdue Games incident)
  3. Principles of Secure Design
    1. Principle of Least Privilege
    2. Principle of Fail-Safe Defaults
    3. Principle of Economy of Mechanism
    4. Principle of Complete Mediation
    5. Principle of Open Design
    6. Principle of Separation of Privilege
    7. Principle of Least Common Mechanism
    8. Principle of Psychological Acceptability
  4. Penetration Studies
    1. Why? Why not direct analysis?
    2. Effectiveness
    3. Interpretation
  5. Flaw Hypothesis Methodology
    1. System analysis
    2. Hypothesis generation
    3. Hypothesis testing
    4. Generalization
  6. System Analysis
    1. Learn everything you can about the system
    2. Learn everything you can about operational procedures
    3. Compare to other systems
  7. Hypothesis Generation
    1. Study the system, look for inconsistencies in interfaces
    2. Compare to other systems' flaws
    3. Compare to vulnerabilities models
  8. Hypothesis testing
    1. Look at system code, see if it would work (live experiment may be unneeded)
    2. If live experiment needed, observe usual protocols
  9. Generalization
    1. See if other programs, interfaces, or subjects/objects suffer from the same problem
    2. See if this suggests a more generic type of flaw
Version of January 23, 2006 at 7:00 AM
You can also obtain a PDF version of this.