Outline for February 15, 2012

Reading: §7.4, [WB04], 8.1

  1. Role-based Access Control (RBAC)
    1. Definition of role
    2. Partitioning as job function
    3. Containment
  2. Problem with instantiation of Bell-LaPadula Model
    1. Covert channel example: what is “writing”?
    2. Composition of lattices
    3. Principles of autonomy and security
  3. Deterministic noninterference
    1. Model of system
    2. Example
    3. Relationship of output to states
    4. Projections and purge functions

ECS 235B, Foundations of Computer and Information Security
Winter Quarter 2012