May 4, 2026 Outline

Reading: text, §20, 22–22.2
Assignments: Homework #3 due May 11; Project progress report, due May 11

  1. Policy and requirements
    1. Security specifications
    2. Problems with precision
    3. Example: System X and Bell-LaPadula
    4. Justifying requirements

  2. Design documents
    1. Security functions summary specification
    2. External functional specification
    3. Internal design description

  3. Justifying design meets requirements
    1. Reviews

  4. Techniques to support implementation assurance
    1. Implementation considerations
    2. Implementation management
    3. Testing

  5. Operation and Maintenance Assurance

  6. Evaluation criteria
    1. Trusted Computer Security Evaluation Criteria (TCSEC, Rainbow Series)

Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235B, Foundations of Computer and Information Security
Version of May 4, 2026 at 9:58PM
