April 30, 2025 Outline

April 30, 2025 Outline

Reading: text §8.2–8.4, paper “Traducement: A Model for Record Security” [WB04]
Due: Homework #2, due April 30 (Note changed due date); Project progress report, due May 7

Module 29 (Reading: text §8.2)

  1. Clinical Information System Security model
    1. Enforcement
    2. Comparison with Bell-LaPadula, Clark-Wilson

Module 30 (Reading: text §8.3)

  1. ORCON
    1. Originator controls distribution
    2. DAC, MAC inadequate
    3. Solution is combination

Module 31 (Reading: text §8.4)

  1. Role-based Access Control (RBAC)
    1. Definition of role
    2. Partitioning as job function
    3. Axioms
    4. Containment and other uses
    5. RBAC0, RBAC1, RBAC2, RBAC3

Module 32 (Reading: [WB04])

  1. Traducement
    1. Problem of recordation
    2. Requirements of solution
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235B, Foundations of Computer and Information Security
Version of May 2, 2025 at 9:40AM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh