Lecture 5: April 8, 2026

Reading: text, §2, 4.1–4.4
Assignments: Homework 1, due April 10, 2026

  1. Greetings and felicitations!

  2. Access Control Matrix
    1. Commands and conditions: create•file, various flavors of grant•right to show conditions and nested commands
    2. Copy flag, own rights
    3. Principle of attenuation of privilege

  3. Decidability of security
    1. Notion of leakage in terms of ACM
    2. Determining security of a generic system with generic rights and mono-operational commands is decidable
    3. Determining security of a generic system with generic rights is undecidable (HRU result)
    4. Meaning: can’t derive a generic algorithm; must look at (sets of) individual cases

  4. Policy
    1. Sets of authorized, unauthorized states
    2. Secure systems in terms of states
    3. Mechanism vs. policy

  5. Types of Policies
    1. Military/government vs. confidentiality
    2. Commercial vs. integrity

  6. Trust

Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153A, Computer & Information Security & Privacy I
Version of April 8, 2026 at 3:53PM
