Lecture 5: April 8, 2026

Reading: text, §4.5–4.6, 5.1–5.2.2, 5.3, G
Assignments: Homework 1, due April 10, 2026

  1. Greetings and felicitations!

  2. Trust

  3. High-level policy languages
    1. Characterization
    2. Example: Ponder

  4. Low-level policy languages
    1. Characterization
    2. Example: tripwire configuration file

  5. Example policies
    1. UC Davis Allowable Use Policy
      1. Rights and responsibilities
      2. Privacy
      3. Enforcement
      4. Unacceptable conduct
    2. University Electronic Communications policy
      1. General provisions
      2. Allowable use
      3. Privacy and confidentiality
      4. Security
      5. Retention and disposition
    3. User advisories
    4. UC Davis implementation

  6. Goals of confidentiality policies

  7. Bell-LaPadula Model with levels only
    1. Security levels
    2. Simple security property
    3. *-property
    4. Discretionary security property
    5. Simplified version of the Basic Security Theorem

  8. Full Bell-LaPadula Model
    1. Add in compartments
    2. dom relation
    3. BLP as lattice structure
    4. Simple security property
    5. *-Property
    6. Discretionary security property
    7. Basic Security Theorem
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153A, Computer & Information Security & Privacy I
Version of April 12, 2026 at 4:12PM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh