Outline for September 29, 2025

Reading: text, §4.2–4.3, 2.1–2.3
Assignments: Homework 1, due October 8; Project selection, due Oct 10

  1. Class overview

  2. Policy
    1. Sets of authorized, unauthorized states
    2. Secure systems in terms of states
    3. Defining confidentiality, integrity, availability
    4. Policy models and mechanisms
    5. Example

  3. Types of Policies
    1. Military/government vs. confidentiality
    2. Commercial vs. integrity

  4. Access Control Matrix
    1. What it is
    2. Primitive operations
      1. create subject
      2. create object
      3. destroy subject
      4. destroy object
      5. enter r into A[s, o]
      6. delete r from A[s, o],
    3. Commands, nesting, and conditions
      1. Mono-operational commands
      2. Conditional commands
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of September 30, 2025 at 12:51PM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh