May 1, 2026 Outline

Reading: text, §20
Assignments: Homework #3 due May 11; Project progress report, due May 11

  1. Build-in vs. add-on security

  2. Policy and requirements
    1. Security specifications
    2. Problems with precision
    3. Example: System X and Bell-LaPadula
    4. Justifying requirements

  3. Design documents
    1. Security functions summary specification
    2. External functional specification
    3. Internal design description

  4. Justifying design meets requirements
    1. Reviews

  5. Techniques to support implementation assurance
    1. Implementation considerations
    2. Implementation management
    3. Testing

  6. Operation and Maintenance Assurance
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235B, Foundations of Computer and Information Security
Version of April 30, 2026 at 6:19PM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh