Lecture 10: April 19, 2021

Reading: text, §2, 3.1–3.2,4–4.6
Due: Homework 2, due April 21, 2021; Lab 1, due April 19, 2021


  1. Access Control Matrix
    1. Commands and conditions: create•file, various flavors of grant•right to show conditions and nested commands
    2. Copy flag, own rights
    3. Principle of attenuation of privilege

  2. Decidability of security
    1. Notion of leakage in terms of ACM
    2. Determining security of a generic system with generic rights and mono-operational commands is decidable
    3. Determining security of a generic system with generic rights is undecidable (HRU result)
    4. Meaning: can’t derive a generic algorithm; must look at (sets of) individual case

  3. Policy
    1. Sets of authorized, unauthorized states
    2. Secure systems in terms of states
    3. Mechanism vs. policy

  4. Types of Policies
    1. Military/government vs. confidentiality
    2. Commercial vs. integrity


UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: [email protected]
ECS 135, Computer Security
Version of April 20, 2021 at 11:12PM

You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh