Lecture 9 Outline (April 17, 2015)

Reading: §23.3–4, §2
Assignment: Homework 1, due April 17, 2015

  1. Greetings and felicitations!
  2. Discussion problem of the day
  3. NRL
    1. Goal: Find out how vulnerabilities enter the system, when they enter the system, and where they are
    2. Axis 1: inadvertent (RISOS classes) vs. intentional (malicious/nonmalicious)
    3. Axis 2: time of introduction (development, maintenance, operation)
    4. Axis 3: location (hardware, software: OS, support utilities, applications)
  4. Aslam
    1. Goal: Treat vulnerabilities as faults
    2. Coding faults: introduced during software development
      1. Synchronization errors
      2. Validation errors
    3. Emergent faults: introduced by incorrect initialization, use, or application
      1. Configuration errors
      2. Environment faults
    4. Introduced decision procedure to classify vulnerabilities in exactly one category
  5. Models of Attacks
    1. Example attack: rsh and synflooding
    2. Capabilities and requires/provides models
    3. Attack trees
  6. Access Control Matrix
    1. Subjects, objects, and rights
    2. Primitive commands: create subject/object, enter right, delete right, destroy subject/object
    3. Commands and conditions: create-file, various flavors of grant-right to show conditions and nested commands
    4. Copy flag
    5. Attenuation of privileges
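
Added example, not part of the original lecture outline: a small Python sketch of the access control matrix in item 6, covering the primitive commands, create-file, a conditional grant, the copy flag, and attenuation of privileges. The class name `ACM`, the method names, the right names `own`/`r`/`w`, and the choice that an owner may grant any right on its object are assumptions made for this illustration.

```python
class ACM:
    """Access control matrix: a[(s, o)] maps each right to its copy flag."""

    def __init__(self):
        self.subjects, self.objects, self.a = set(), set(), {}

    # --- primitive commands ---
    def create_object(self, o):
        if o in self.objects:
            raise ValueError(f"{o!r} already exists")
        self.objects.add(o)

    def create_subject(self, s):
        self.create_object(s)      # every subject is also an object
        self.subjects.add(s)

    def enter(self, r, s, o, copy=False):
        if s not in self.subjects or o not in self.objects:
            raise KeyError("unknown subject or object")
        cell = self.a.setdefault((s, o), {})
        cell[r] = cell.get(r, False) or copy

    def delete(self, r, s, o):
        self.a.get((s, o), {}).pop(r, None)

    def destroy(self, x):
        # destroy subject/object: remove its row and its column
        self.subjects.discard(x)
        self.objects.discard(x)
        self.a = {k: v for k, v in self.a.items() if x not in k}

    # --- commands: a condition guarding a sequence of primitives ---
    def create_file(self, p, f):
        self.create_object(f)
        for r in ("own", "r", "w"):
            self.enter(r, p, f)

    def grant(self, r, p, q, f, pass_copy=False):
        cell = self.a.get((p, f), {})
        # Condition (assumed): p owns f, or p holds r with the copy flag set.
        if "own" not in cell and not cell.get(r, False):
            return False           # attenuation: p cannot give what it lacks
        self.enter(r, q, f, copy=pass_copy)
        return True

    def rights(self, s, o):
        # A trailing "*" marks a right held with the copy flag.
        cell = self.a.get((s, o), {})
        return {r + ("*" if c else "") for r, c in cell.items()}
```

A right granted without `pass_copy=True` cannot be passed on by its recipient, which is how the copy flag limits propagation.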


Discussion question. After the first Gulf War ended in 1991, some generals realized that the Iraqi networks had been remarkably resilient. As soon as the Allies destroyed one station, the network promptly routed around it. The generals discovered that the Iraqis were using Internet routing protocols, which were designed for resiliency. Several promptly suggested that those protocols should be classified. What are the problems with doing this?


Version of April 16, 2015 at 9:12PM