Outline for October 20, 2006

Reading: §3.1–3.2, 4.1–4.3

  1. Greetings and felicitations!
    1. Puzzle of the day
  2. HRU Result
    1. Notion of leakage in terms of ACM
    2. Determining security of a generic system with generic rights and monooperational commands is decidable
    3. Determining security of a generic system with generic rights is undecidable
    4. Meaning: can't derive a generic algorithm; must look at (sets of) individual case
  3. Policy
    1. Sets of authorized, unauthorized states
    2. Secure systems in terms of states
    3. Mechanism vs. policy
  4. Types of Policies
    1. Military/government vs. confidentiality
    2. Commercial vs. integrity
You can also obtain a PDF version of this. Version of October 22, 2006 at 8:07 PM