Outline for February 2, 1999

  1. Greetings and felicitations!
    1. Change in office hours: now TuTh11-12 (this matches what I have on my door)
  2. Chinese Wall Policy
    1. Arises as legal defense to insider trading on London stock exchange
    2. Low-level entities are objects; all objects concerning the same corporation form a CD (company dataset); CDs whose corporations are in competition are grouped into COIs (Conflict of Interest classes)
    3. Intuitive goal: keep one subject from reading different CDs in the same COI, or reading one CD and writing to another in same COI
    4. Simple Security Property: Read access granted if the object (a) is in the same CD as an object already accessed by the subject, or (b) is in a CD in an entirely different COI. Assumes correct initialization
    5. Theorems: (1) Once a subject has accessed an object, only other objects in that CD are available within that COI; (2) subject has access to at most 1 dataset in each COI class
    6. Exceptions: sanitized information
    7. * Property: Write access is permitted only if (a) read access is permitted by the simple security property; and (b) no object in a different CD in that COI can be read, unless it contains sanitized information
    8. Comparison to BLP: (1) ability to track history; (2) in CW, subjects choose which objects they can access but not in BLP; (3) CW requires both mandatory and discretionary parts, BLP is mandatory only.
  3. ORCON
    1. Originator controls distribution
    2. DAC, MAC inadequate
    3. Solution is combination
  4. Role-based Access Control (RBAC)
    1. Definition of role
    2. Partitioning as job function
    3. Discuss Data General model


You can get this document in ASCII text, Framemaker+SGML version 5.5, PDF (for Acrobat 3.0 or later), or Postscript.
Send email to [email protected].

Department of Computer Science
University of California at Davis
Davis, CA 95616-8562



Page last modified on 3/9/99