|
Matt Bishop Office: 2209 Watershed Sciences Phone: +1 (530) 752-8060 Email: mabishop@ucdavis.edu |
Version of February 10, 2021 at 7:54PM
| notation | meaning | |
| S | set of subjects s | |
| Σ | set of states σ | |
| O | set of outputs o | |
| Z | set of commands z | |
| C | set of state transition commands (s, z), where subject s executes command z | |
| C* | set of possible sequences of commands c0, …, cni | |
| ν | empty sequence | |
| cs | sequence of commands | |
| T(c, σi) | resulting state when command c is executed in state σi | |
| T*(cs, σi) | resulting state when command sequence cs is executed in state σi | |
| P(c, σi) | output when command c is executed in state σi | |
| P*(cs, σi) | output when command sequence cs is executed in state σi | |
| proj(s, cs, σi) | set of outputs in P*(cs, σi) that subject s is authorized to see | |
| πG,A(cs) | subsequence of cs with all elements (s, z), s ∈ G and z ∈ A deleted | |
| dom(c) | protection domain in which c is executed | |
| ~dom(c) | equivalence relation on system states | |
| π′d(cs) | analogue to π above, but with protection domain and subject included |
|
ECS 235B, Foundations of Computer and Information Security Version of February 10, 2021 at 7:54PM
|
You can also obtain a PDF version of this.
|