Lecture 4: Bell LaPadula CS 591: Introduction to Computer Security
Recommend Documents
SP-NETWORK ARCHITECTURE. (from Ross Anderson, Security Engineering).
PSU CS491/591 F'12 LECTURE ON CRYPTOGRAPHIC PRIMITIVES. ANDREW
...
Valkyria Chronicles. • Example of dialogue-free cinematic. • Art-style. – Specially
created for the game. • Introduced all characters. • In-game rendered ...
vides excellent protections over information confidentiality for military applications, it ... level security policy with a discretionary access control pol- icy. Bell-LaPadula ... set of high level activities that users could perform. A user had the
What Does Security Mean? The term security is used in a variety of contexts.
What's the common thread? Personal security. Corporate security. Personnel ...
Nowadays an amateur astronomer with a CCD camera and a 15 cm telescope
can collect as ..... The graph below shows the reflectivity of an EEV 42-80 CCD.
Introduction to. Computer Security. International Edition. Michael T. Goodrich.
Department of Computer Science. University of California, Irvine. Roberto ...
This lecture serves to introduce the concept of computer security, and the closely
related ... reporting business lost over $740,000 to computer security in 2005.
Apr 10, 2006 ... Recommended Books. 19 Deadly Sins of Software Security. Howard, LeBlanc,
and Viega. Building Secure Software. Viega and McGraw.
Jan 18, 2011 ... What's Not Required? • Optional book #1: Security in Computing,. Pfleeger &
Pfleeger, 4th ed. ... question in your mind, talk with instructors first ...
present an overview of security measures is presented. 1 Introduction ... tions, the condition of computer security has never been so poor. Actually, it is.
CS1101: Lecture 8. Introduction to Computer. Organisation. Dr. Barry O'Sullivan b
[email protected]. Course Homepage http://www.cs.ucc.ie/˜osullb/cs1101.
o Computer Networks - A Systems Approach, Third Edition, Larry L. Peterson and
Bruce S. Davie, ... o Learning the Unix Operating System (Nutshell Handbook),
5th Edition, J. D. Peek, G. ... and posting questions and answers. Homework.
D.A. Patterson and J.L. Hennessy, Computer Architecture and Design: The
Hardware/Software Interface, 4 th edition, Morgan Kauffman Publishers. If you
cannot ...
School of Computer Science and Dept of Electrical and Computer ... things go
wrong (as they always do) you will have the intellectual tools to solve the problem
. ... and David R. O'Hallaron, Computer Systems: A Programmer's Perspective, ...
Introduction. Computer Security Lecture 1. Mike Just1. School of Informatics.
University of Edinburgh. 11th January 2010. 1Based on original lecture notes by
...
Every Android app runs in its own process with its own instance of the Dalvik
virtual ... Note: The Dalvik virtual machine in Android is optimized for small
footprint ...
Introduction to Computer Security Michael Goodrich Roberto Tamassia on ... Goodrich Roberto Tamassia Read Reviews ISBN 1
1. IS2150/TEL2810 Introduction to Computer Security. Final Examination.
Tuesday, December 13, 2005. Name: Email: Total Time : 2:30 Hours. Total Score
: 100.
A. Course Number and Title: DA102. Introduction to Computer Security
Investigations and. Hardware Fundamentals (Intro to CSI/DF). B. Curriculum:
Information ...
Sep 18, 2015 ... The program we will exploit is the “Badly Coded File Archiver,” or BCZIP (loosely
modeled on the ... which is installed setuid root. This program ...
database systems rather than the traditional file systems. ... David M.Kroenke and
David J. Auer, Database. Concepts, 4th Edition, Pearson International. Edition ...
Many claim that the security model developed by Bell and LaPadula and used as a basis for numerous pro- totype military
Introduction to Computer Security and Privacy. Fall 2008. 1-2 ... computing
systems and networks. • To be clear, you ... Shari Lawrence Pfleeger,. Prentice-
Hall ...
Lecture 4: Bell LaPadula CS 591: Introduction to Computer Security
Apr 12, 2006 ... Introduce the Bell LaPadula framework ... Computer Security Applications
Conference,. December ... http://www.acsac.org/2005/papers/Bell.pdf ...
CS 591: Introduction to Computer Security Lecture 4: Bell LaPadula James Hook
4/12/06 15:33
Objectives • Introduce the Bell LaPadula framework for confidentiality policy • Discuss realizations of Bell LaPadula
4/12/06 15:33
Follow Bishop • Presentation follows Bishop’s slides for Chapter 5
4/12/06 15:33
Discussion • When would you choose to apply a model this restrictive?
4/12/06 15:33
Further Reading • Ross Anderson’s Security Engineering, Chapter 7: Multilevel security – Standard Criticisms – Alternative formulations – Several more examples
• “Looking Back at the Bell - La Padula Model”, David Elliott Bell, Proceedings 21st Annual Computer Security Applications Conference, December, 2005 – http://www.acsac.org/2005/papers/Bell.pdf 4/12/06 15:33
Criticisms of Bell LaPadula • BLP is straightforward, supports formal analysis • Is it enough? • McLean wrote a critical paper asserting BLP rules were insufficient
4/12/06 15:33
McLean’s System Z • Proposed System Z = BLP + (request for downgrade) • User L gets file H by first requesting that H be downgraded to L and then doing a legal BLP read • Proposed fix: tranquility – Strong: Labels never change during operation – Weak: Labels never change in a manner that would violate a defined policy 4/12/06 15:33
Historical • The BLP retrospective published in December is fascinating! • What we know as BLP and “simple security” was the “trivial case” when labels didn’t change. • Bell and La Padula expected to do a more dynamic policy 4/12/06 15:33
Alternatives • Goguen & Meseguer, 1982: Noninterference – Model computation as event systems – Interleaved or concurrent computation can produce interleaved traces – High actions have no effect on low actions • The trace of a “low trace” of a system is the same for all “high processes” that are added to the mix
– Problem: Needs deterministic traces; does not scale to distributed systems 4/12/06 15:33
Nondeducibility • Sutherland, 1986. – Low can not deduce anything about high with 100% certainty – Historically important, hopelessly weak – Addressed issue of nondeterminism in distributed systems
4/12/06 15:33
Intranstitive non-interference • Rushby, 1992 – Updates Goguen & Meseguer to deal with the reality that some communication may be authorized (e.g. High can interefere with low if it is mediated by crypto)
![[PDF] Introduction to Computer Security - Google Sites](https://m.moam.info/img/260x300/pdf-introduction-to-computer-security-google-sites_6477306f097c4786708b6ee2.jpg)
