Note-8

Note-8 - CSE 467/598 Data and Information Security Prof....

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
CSE 467/598 Data and Information Security Prof. Gail-Joon Ahn IMPORTANT DATES ! Project: ! Phase I: 11:59PM, February 22, 2011 ! Exam #1 (Midterm): Mar 8, 2011 ! Spring Break: Mar 15 & 17, 2011 (no class) ! Class Presentation : April19, 21, 26, and 28, 2011 (paper report due) ! Exam #2 (Final): May 10, 2011 (12:00PM – 2:00 PM) 2
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Cyber Gazette ! Hacker steals virtual poker chips from online gaming firm ! A UK-based hacker stole 7.4m worth of virtual poker chips after gaming firm failed to monitor key database tables . ! Security experts said the “chips” were merely values in a database. Mitchell simply manipulated these values once he had access to administration controls. ! Monitoring the tables would have enabled them to track access to that table and trigger alerts of abnormal and suspicious behavior. 3 Based on the slides for "Computer Security: Art and Science" 4 Take-Grant Protection Model ! A specific (not generic) system ! Set of rules for state transitions ! Safety decidable, and in time linear with the size of the system ! Goal: find conditions under which rights can be transferred from one entity to another in the system
Background image of page 2
Based on the slides for "Computer Security: Art and Science" 5 System ! objects (files, …) " subjects (users, processes, …) " don't care (either a subject or an object) G |– x G' apply a rewriting rule x (witness) to G to get G' G |– * G' apply a sequence of rewriting rules (witnesses) to G to get G' R = { t , g , r , w , … } set of rights Based on the slides for "Computer Security: Art and Science" 6 de jure Rules " t # t # # take g # # # grant " g " " " " " " " " " " |- |-
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Based on the slides for "Computer Security: Art and Science" 7 de jure Rules create # # remove # $ " " " " " " " |- |- Based on the slides for "Computer Security: Art and Science" 8 Take-Grant Protection Model ! Safety decidable, and in time linear with the size of the system !
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/09/2011 for the course CSE 497 taught by Professor Ahn during the Spring '11 term at ASU.

Page1 / 13

Note-8 - CSE 467/598 Data and Information Security Prof....

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online