Notes for January 8, 1997
-
Hello
-
Correction: section is on F 3:10-4:00PM (not W)
and there is no meeting this week
-
Puzzle of the day
-
Break into groups to discuss it for 5m or so, then present ideas
-
Key points: attacker is toast, under the ECPA so are the sysadmins;
if users are told that using their account means they waive their right
to privacy, it's okay
-
Amplification
-
Company reported to have 1-800 modems, no root password
-
How do you design a security policy?
-
Risk analysis
-
Analysis of other factors
-
Procedures
-
What are the threats?
-
How likely are they to arise?
-
How can they best be dealt with?
-
Analysis of other factors
-
What else affects the policy (federal or state law, needs, etc.)?
-
Law: as above; discuss jurisdiction (federal or local), problems
(illiteracy of authorities, etc.); chain of evidence
-
Discuss cryptographic software controls (here, France, etc.)
-
Procedures
-
What procedures need to be put in place, and how will they affect security?
-
Human Factors
-
Principle of Psychological Acceptability (note: illegal violates this)
-
Principle of keeping dangerous tools out of untrained hands
-
Design Principles
-
Principle of Psychological Acceptability
-
Principle of Least Privilege
-
Principle of Fail-Safe Defaults
-
Principle of Economy of Mechanism (KISS principle, redone)
-
Principle of Complete Mediation
-
Principle of Separation of Privilege
-
Principle of Least Common Mechanism
-
Principle of Open Design
-
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 1/23/97