Course: COMP 424, Fall 2009
School: CSU Northridge
Chapter 13: Design Principles
Computer Security: Art and Science, 2002-2004 Matt Bishop (Slides #13-1 to #13-11, June 1, 2004)

- Overview
- Principles
  - Least Privilege
  - Fail-Safe Defaults
  - Economy of Mechanism
  - Complete Mediation
  - Open Design
  - Separation of Privilege
  - Least Common Mechanism
  - Psychological Acceptability

Overview

- Simplicity
  - Less to go wrong
  - Fewer possible inconsistencies
  - Easy to understand
- Restriction
  - Minimize access
  - Inhibit communication

Least Privilege

- A subject should be given only those privileges necessary to complete its task
  - Function, not identity, controls
  - Rights added as needed, discarded after use
  - Minimal protection domain

Fail-Safe Defaults

- Default action is to deny access
- If action fails, system as secure as when action began

Economy of Mechanism

- Keep it as simple as possible
  - KISS Principle
- Simpler means less can go wrong
  - And when errors occur, they are easier to understand and fix
- Interfaces and interactions

Complete Mediation

- Check every access
- Usually done once, on first action
  - UNIX: access checked on open, not checked thereafter
- If permissions change after, may get unauthorized access

Open Design

- Security should not depend on secrecy of design or implementation
  - Popularly misunderstood to mean that source code should be public
  - "Security through obscurity"
  - Does not apply to information such as passwords or cryptographic keys

Separation of Privilege

- Require multiple conditions to grant privilege
  - Separation of duty
  - Defense in depth

Least Common Mechanism

- Mechanisms should not be shared
  - Information can flow along shared channels
  - Covert channels
- Isolation
  - Virtual machines
  - Sandboxes

Psychological Acceptability

- Security mechanisms should not add to difficulty of accessing resource
  - Hide complexity introduced by security mechanisms
  - Ease of installation, configuration, use
  - Human factors critical here

Key Points

- Principles of secure design underlie all security-related mechanisms
- Require:
  - Good understanding of goal of mechanism and environment in which it is to be used
  - Careful analysis and design
  - Careful implementation
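
The UNIX behaviour named on the Complete Mediation slide, shown as an added example that is not part of the original slides: a descriptor opened before permissions are revoked keeps working afterwards. It assumes a POSIX system; the function name, file name and file contents are constructed for the illustration.

```python
import os
import stat
import tempfile


def demo_check_on_open_only():
    """Open a file, revoke every permission bit, then read via the old descriptor."""
    workdir = tempfile.mkdtemp(prefix="mediation-demo-")  # constructed scratch directory
    path = os.path.join(workdir, "report.txt")            # hypothetical file name
    with open(path, "w") as f:
        f.write("quarterly figures\n")                    # constructed sample content
    os.chmod(path, 0o600)

    # Access is mediated here: the kernel checks the mode bits at open().
    fd = os.open(path, os.O_RDONLY)
    try:
        # The owner now revokes all access to the file.
        os.chmod(path, 0o000)
        mode_after = stat.S_IMODE(os.stat(path).st_mode)

        # A fresh open() is mediated again and is refused, unless the caller
        # is root (or otherwise allowed to override file permissions).
        try:
            os.close(os.open(path, os.O_RDONLY))
            reopen_denied = False
        except PermissionError:
            reopen_denied = True

        # read() on the existing descriptor is not re-checked against the
        # new mode bits, so the holder still gets the data.
        data = os.read(fd, 1024)
    finally:
        os.close(fd)
        os.remove(path)   # needs write access to the directory, not the file
        os.rmdir(workdir)

    return {
        "mode_after_revoke": mode_after,
        "reopen_denied": reopen_denied,
        "read_via_old_fd": data,
        "is_root": os.geteuid() == 0,
    }


if __name__ == "__main__":
    result = demo_check_on_open_only()
    print("mode after chmod :", oct(result["mode_after_revoke"]))
    print("new open() denied:", result["reopen_denied"])
    print("old fd still read:", result["read_via_old_fd"])
```

For a defender, the consequence is that `chmod` alone does not revoke access from processes that already hold the file open; they keep it until the descriptor is closed.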