Outline for September 26, 2024

Reading: text, §14, 20.1.2.2, 4.1–4.3
Assignments: Homework 1, due October 8; Project selection, due October 10

  1. Class overview

  2. Principles of secure design
    1. Bases: simplicity, restrictiveness
    2. Principle of least privilege
      1. Principle of least authority
    3. Principle of fail-safe defaults
    4. Principle of economy of mechanism
    5. Principle of complete mediation
    6. Principle of open design
    7. Principle of separation of privilege
    8. Principle of least common mechanism
    9. Principle of least astonishment
      1. Principle of psychological acceptability

  3. Reference monitor
    1. Entities, subjects, and objects
    2. What a reference monitor and a reference validation mechanism are
    3. Relationship to policy

  4. Policy
    1. Sets of authorized, unauthorized states
    2. Secure systems in terms of states
    3. Defining confidentiality, integrity, availability
    4. Policy models and mechanisms
    5. Example

  5. Types of Policies
    1. Military (governmental) policies: developed primarily to provide confidentiality
    2. Commercial policies: developed primarily to provide integrity
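The material in sections 2 through 4 above, as an added worked example in Python that is not part of this outline or of the course text: a toy reference monitor that applies fail-safe defaults (a right not explicitly granted is denied), complete mediation (the only path to an object runs through the monitor) and least privilege (each subject holds just the rights its task needs), followed by a state-space check of the definition of a secure system as one that starts in an authorized state and cannot enter an unauthorized one. The subjects (alice, bob, backup), objects (payroll.db, public.html), the "own" right, the delegation rule and the payroll policy are all constructed for illustration.

```python
from collections import deque

# Constructed sample universe: who may act, what can be touched, what rights exist.
SUBJECTS = ("alice", "bob", "backup")
OBJECTS = ("payroll.db", "public.html")
RIGHTS = ("read", "write")

# Access control matrix: (subject, object) -> rights held. Least privilege:
# each subject holds only what its task needs (backup only ever reads).
INITIAL_MATRIX = {
    ("alice", "payroll.db"): {"own", "read", "write"},
    ("bob", "payroll.db"): {"read"},
    ("bob", "public.html"): {"own", "read", "write"},
    ("backup", "payroll.db"): {"read"},
    ("backup", "public.html"): {"read"},
}

def to_state(matrix):
    """Protection state as a hashable set of (subject, object, right) triples."""
    return frozenset((s, o, r) for (s, o), rs in matrix.items() for r in rs)

class ReferenceMonitor:
    """Reference validation mechanism: keeps the state private (tamper-proof),
    is the single decision point (always invoked), and is small enough to audit."""

    def __init__(self, state):
        self._state = set(state)
        self.audit = []  # one (subject, object, right, decision) per request

    def check(self, subject, obj, right):
        # Fail-safe default: a right not explicitly present is denied,
        # including requests from subjects the matrix never mentions.
        allowed = (subject, obj, right) in self._state
        self.audit.append((subject, obj, right, allowed))
        return allowed

class ObjectStore:
    """Complete mediation: every read or write consults the monitor first."""

    def __init__(self, monitor, contents):
        self._monitor = monitor
        self._contents = dict(contents)

    def read(self, subject, obj):
        if not self._monitor.check(subject, obj, "read"):
            raise PermissionError(f"{subject} may not read {obj}")
        return self._contents[obj]

    def write(self, subject, obj, value):
        if not self._monitor.check(subject, obj, "write"):
            raise PermissionError(f"{subject} may not write {obj}")
        self._contents[obj] = value

# Policy: the authorized states are exactly those in which only alice holds
# write on payroll.db. Everything else is an unauthorized state.
def authorized(state):
    return all(s == "alice" for (s, o, r) in state if o == "payroll.db" and r == "write")

def delegate(state, granter, grantee, obj, right):
    """Transition rule (assumed): an owner may pass on any right it holds.
    Returns the successor state, or None if the command is not applicable."""
    if (granter, obj, "own") in state and (granter, obj, right) in state:
        return state | {(grantee, obj, right)}
    return None

def mediated_delegate(state, granter, grantee, obj, right):
    """Same command, but mediated: the monitor refuses any transition whose
    successor would be unauthorized (deny unless shown to be authorized)."""
    new = delegate(state, granter, grantee, obj, right)
    return new if new is not None and authorized(new) else None

def is_secure(initial, transition):
    """A system is secure iff it starts in an authorized state and cannot enter
    an unauthorized one. Breadth-first search over every reachable state;
    returns (True, None) or (False, first_unauthorized_state_found)."""
    if not authorized(initial):
        return False, initial
    seen, queue = {initial}, deque([initial])
    while queue:
        state = queue.popleft()
        for granter in SUBJECTS:
            for grantee in SUBJECTS:
                for obj in OBJECTS:
                    for right in RIGHTS:
                        new = transition(state, granter, grantee, obj, right)
                        if new is None or new in seen:
                            continue
                        if not authorized(new):
                            return False, new
                        seen.add(new)
                        queue.append(new)
    return True, None

if __name__ == "__main__":
    start = to_state(INITIAL_MATRIX)
    print("unmediated delegation secure?", is_secure(start, delegate)[0])
    print("mediated delegation secure?", is_secure(start, mediated_delegate)[0])
```

With the unmediated rule the search finds a reachable unauthorized state almost immediately (alice, as owner, delegates write on payroll.db to bob), so the system is not secure even though every individual access is checked: the policy constrains states, and the mechanism must constrain transitions between them. Routing the delegation command through the same deny-unless-authorized check makes every reachable state authorized, which is what the reference monitor is for.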

Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of September 25, 2025 at 6:50PM

You can also obtain a PDF version of this.
