Lecture 11: April 21, 2021

Reading: text, §4.4–4.6, G
Due: Homework 2, due April 21, 2021; Lab 2, due May 5, 2021


  1. Types of Access Control
    1. Mandatory access control
    2. Discretionary access control
    3. Originator-controlled access control

  2. High-level policy languages
    1. Characterization
    2. Example: Ponder

  3. Low-level policy languages
    1. Characterization
    2. Example: tripwire configuration file

  4. Example policies
    1. UC Davis Allowable Use Policy
      1. Rights and responsibilities
      2. Privacy
      3. Enforcement
      4. Unacceptable conduct
    2. University Electronic Communications policy
      1. General provisions
      2. Allowable use
      3. Privacy and confidentiality
      4. Security
      5. Retention and disposition
    3. User advisories
    4. UC Davis implementation


UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: [email protected]
ECS 135, Computer Security
Version of April 21, 2021 at 10:48PM

You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh