Outline for February 2, 1999
- Greetings and felicitations!
- Change in office hours: now TuTh11-12 (this matches what I have on my
door)
- Chinese Wall Policy
- Arises as legal defense to insider trading on London stock exchange
- Low-level entities are objects; all objects concerning the same corporation
form a CD (company dataset); CDs whose corporations are in competition are
grouped into COIs (Conflict of Interest classes)
- Intuitive goal: keep one subject from reading different CDs in the same COI,
or reading one CD and writing to another in same COI
- Simple Security Property: Read access granted if the object (a) is in the
same CD as an object already accessed by the subject, or (b) is in a CD in an
entirely different COI. Assumes correct initialization
- Theorems: (1) Once a subject has accessed an object, only other objects in
that CD are available within that COI; (2) subject has access to at most 1
dataset in each COI class
- Exceptions: sanitized information
- * Property: Write access is permitted only if (a) read access is permitted
by the simple security property; and (b) no object in a different CD in that
COI can be read, unless it contains sanitized information
- Comparison to BLP: (1) ability to track history; (2) in CW, subjects choose
which objects they can access but not in BLP; (3) CW requires both mandatory
and discretionary parts, BLP is mandatory only.
- ORCON
- Originator controls distribution
- DAC, MAC inadequate
- Solution is combination
- Role-based Access Control (RBAC)
- Definition of role
- Partitioning as job function
- Discuss Data General model
You can get this document in
ASCII text,
Framemaker+SGML version 5.5,
PDF (for Acrobat 3.0 or later),
or
Postscript.
Send email to
[email protected].
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 3/9/99