Outline for October 9, 2006

Reading: §13; §23.1–23.2

  1. Greetings and felicitations!
    1. Puzzle of the day
  2. Principles of Secure Design
    1. Principle of Complete Mediation
    2. Principle of Open Design
    3. Principle of Separation of Privilege
    4. Principle of Least Common Mechanism
    5. Principle of Psychological Acceptability
  3. Penetration Studies
    1. Why? Why not direct analysis?
    2. Effectiveness
    3. Interpretation
  4. Flaw Hypothesis Methodology
    1. System analysis
    2. Hypothesis generation
    3. Hypothesis testing
    4. Generalization

Version of October 10, 2006 at 8:03 PM