Reading:text, § 4, 5.1–5.2 Assignment due: Homework #1, due January 23, 2014
Policy and models
Trust
Policy vs. mechanism
Policy languages
Web-based constraints
tripwire
English policy
Authorized Use Policy
Electronic Mail Policy
Secure, precise
Observability postulate
Theorem: for any program p and policy c, there is a secure, precise mechanism m* such that, for all security mechanisms m associated with p and c, m* ≈ m.
Theorem: There is no effective procedure that determines a maximally precise, secure mechanism for any policy and program