Notes for October 2, 1998
- Greetings and Felicitations!
- Go through handouts, class rules
- Will require adding some vulnerabilities to the DOVES database as part of
the course
- May perform a penetration exercise on an as-yet-undetermined system
- Puzzle of the day
- Not appropriate; invasion of systems akin to invading a home or business;
Times will ignore protesters as "irresponsible" or may attack symptom (try to
find, prosecute attackers) or even find just one security problem rather than
secure the site
- Idea here is to force Times to deal with problem of bad reporting (as
attackers see it); this won't do it. Better would be to publicize stories
written by the reporter with a line-by-line critique, and be sure all the
Times' competitors get them (in other words, let the reporter's incompetence
speak for itself, and in effect ask why a respectable newspaper would employ a
reporter who can't get facts straight)
- How do you design a security policy?
- Risk analysis
- Analysis of other factors:
- Procedures
- Risk analysis
- What are the threats?
- How likely are they to arise?
- How can they best be dealt with?
- Analysis of other factors
- What else affects the policy (federal or state law, needs, etc.)?
- Law: as above; discuss jurisdiction (federal or local), problems
(authorities' lack of knowledge about computers, etc.); chain of
evidence
- Discuss cryptographic software controls (here, France, etc.)
- Procedures
- What procedures need to be put in place, and how will they affect
security?
- Human Factors
- Principle of Psychological Acceptability (note: illegal violates this)
- Principle of common sense (it's not common; more when we discuss robust
programming)
- Design Principles
- Principle of Psychological Acceptability
- Principle of Least Privilege
- Principle of Fail-Safe Defaults
- Principle of Economy of Mechanism (KISS principle, redone)
- Principle of Complete Mediation
- Principle of Separation of Privilege
- Principle of Least Common Mechanism
- Principle of Open Design
You can also see this document
in its native format,
in Postscript,
in PDF,
or
in ASCII text.
Send email to
[email protected].
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 10/3/98