Notes for January 6, 1997
- Hello
- Pass out, go through class information handout
- Puzzle of the day: something to think about for the class.
May or may not be a right or wrong answer.
- Project: more on this on Friday; can work as teams of 3 or less,
or as individuals
- Puzzle of the day
- Have class comment, etc.
- Point is the security policy completely defines "security"
- Amplifcation
- Student breaks in, reports break in. What happens?
- In real incident: account suspended. Should have asked first.
- No longer true that breaking in gets you a job.
- What is security?
- Defined strictly by a "security policy"; axiomatic
- 3 components: confidentiality, integrity, availability
- Confidentiality
- Hiding things; cryptography, access control
- May need to hide fact that anything is hidden; steganography,
capabilities (if it can't be named, it can't be accessed)
- Discuss "security through obscurity" here
- Integrity
- Making sure contents aren't tampered with
- Data integrity: what you sent is what arrives (cryptographic checksums,
access controls)
- Origin integrity: identity of originator is associated with message
(authenticator, digital signature)
- Availability
- Being sure access is possible ("denial of service")
- May be an issue of access permissions, cryptographic keys
- May be related to other, non-security problems
- Trust and Systems
- What can you trust?
- What do you trust - OS, compilers, libraries, etc.
- Concept of a TCB
You can also see this document as a
Binhex Framemaker version 5 document,
Postscript document,
or a
plain ASCII text document.
Send email to
[email protected].
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 1/23/97