Table of contents

Slide 1

Trust

Policy

Model

Design

trust

dichotomy of "Secure"

Quality

tradeoffs

not a dichotomy

Security Policies

need-to-know

Compartments

Classification

Domination

dominance for dummies

Commercial policies

public, proprietary and internal

No dominance

Integrity and availability

Clark-Wilson

Separation of Duty

Slide 23

CHinese Wall Security Policy

Slide 25

Slide 26

Security Models

lattice model

Bell-La Padula

Bell-La Padula Properties

Biba Integrity

Theoretical Models

Graham-Denning

Slide 34

HRU

HRU Cont

Take-Grant Systems

Answers

Design of Operating Systems.

Security Principles

Security features

trusted features

Identification and Authentication

Mandatory/Discretionary access control

Object reuse

Complete mediation

Trusted Path

Accountability and Audit

Audit Log reduction

Intrusion Detection