|
Matt Bishop Office: 2209 Watershed Sciences Phone: +1 (530) 752-8060 Email: mabishop@ucdavis.edu |
Version of January 1, 2024 at 5:35PM
| notation | meaning |
|---|---|
| S | set of subjects s |
| Σ | set of states σ |
| O | set of outputs o |
| Z | set of commands z |
| C | set of state transition commands (s, z), where subject s executes command z |
| C* | set of possible sequences of commands c0, …, cn |
| ν | empty sequence |
| cs | sequence of commands |
| T(c, σi) | resulting state when command c is executed in state σi |
| T*(cs, σi) | resulting state when command sequence cs is executed in state σi |
| P(c, σi) | output when command c is executed in state σi |
| P*(cs, σi) | output when command sequence cs is executed in state σi |
| proj(s, cs, σi) | set of outputs in P*(cs, σi) that subject s is authorized to see |
| πG(cs) | subsequence of cs with all elements (s, z), s ∈ G, deleted |
| πA(cs) | subsequence of cs with all elements (s, z), z ∈ A, deleted |
| πG,A(cs) | subsequence of cs with all elements (s, z), s ∈ G and z ∈ A deleted |
| dom(c) | protection domain in which c is executed |
| ~dom(c) | equivalence relation on system states |
| π′d(cs) | analogue to π above, but with protection domain and subject included |
|
ECS 235B, Foundations of Computer and Information Security Version of January 1, 2024 at 5:35PM
|
You can also obtain a PDF version of this.
|