IS 2935 / TEL 2810
Introduction to Computer Security
September 2, 2004

Courtesy of Professors Prasant Krishnamurthy, Chris Clifton & Matt Bishop (INFSCI 2935: Introduction to Computer Security)

- The objective of the course is to cover the fundamental issues of information system security and assurance.
  - Develop a broad understanding of diverse issues
- Core course for SAIS (Security Assured Information Systems Track)
- Certified by NSA

IS 2935 / TEL 2810: Introduction to Computer Security

Course Outline
- Security Basics (1-8)
  - General overview and definitions
  - Security models and policy issues
- Basic Cryptography and Network security (9-12, 26)
  - Crypto systems, digital signature, authentication, PKI
  - IPSec, VPN, Firewalls
- Systems Design Issues and Information assurance (13-21, 24)
  - Design principles
  - Security Mechanisms
  - Auditing Systems
  - Risk analysis
  - System verification
- Implementations - Java Security
- Intrusion Detection and Response (23, 25, ..)
  - Attack Classification and Vulnerability Analysis
  - Detection, Containment and Response/Recovery
- Legal, Ethical, Social Issues
- Evaluation, Certification Standards
- Miscellaneous Issues (22, ..)
  - Malicious code, Mobile code
  - Digital Rights Management, Forensics
  - Watermarking, Trust Management
  - E/M-commerce security, Multidomain Security

Course Material
- Textbook
  - Computer Security: Art and Science, Matt Bishop, Addison-Wesley, 2003
  - Will follow the book mostly
  - Will be supplemented by other material (references and papers)
  - Errata URL: http://nob.cs.ucdavis.edu/~bishop/
- Recommended
  - Inside Java 2 Platform Security, 2nd Edition, L. Gong, G. Ellison, M. Dageforde
- Other References
  - Security in Computing, 2nd Edition, Charles P. Pfleeger, Prentice Hall
  - Security Engineering: A Guide to Building Dependable Distributed Systems, Ross Anderson, John Wiley & Sons, 2001
  - Building Secure Software: How to Avoid the Security Problems the Right Way, John Viega, Gary McGraw, Addison-Wesley, 2002
- Papers
  - List will be provided as supplemental readings and review assignments

Prerequisites
- Assumes the following background
  - Programming skill
  - Working knowledge of operating systems, algorithms and data structures, database systems, and networks
  - Basic Mathematics
- Not sure? SEE ME

Grading
- Lab + Homework/Quiz/Paper review: 35%
- Paper/Project: 15%
  - List of suggested topics will be posted; encouraged to think of a project/topic of your interest
- Exams: 40%, includes
  - Midterm: 20%
  - Comprehensive Final: 20%
- Remaining 10%
  - LERSAIS-SIG (Student Interest Group)
  - Seminar and participation

Contact
- James Joshi
- 721, IS Building
- Phone: 412-624-9982
- E-mail: jjoshi@mail.sis.pitt.edu
- Web: www2.sis.pitt.edu/~jjoshi/INFSCI2935
- Office Hours:
  - Fridays: 2.00 – 4.00 p.m.
  - By appointment
- GSA: will be announced later

Course Policies
- Your work MUST be your own
  - Zero tolerance for cheating
  - You get an F for the course if you cheat in anything, however small – NO DISCUSSION
- Homework
  - There will be a penalty for late assignments (15% each day)
  - Ensure clarity in your answers – no credit will be given for vague answers
  - Solutions will be posted in the library OR on the webpage
- Check the webpage for everything!
  - You are responsible for checking the webpage for updates

[Figure: MSIS and MST Security Assured Information Systems (SAIS) Track structure. Each degree is laid out as Foundations, Systems/Technology Core, Required SAIS Track Core, Mgmt/Policy, Design and Electives columns with credit counts, populated with courses such as IS-2150/TEL-2810 Introduction to Security, TEL-2820 Cryptography, TEL-2821 Network Security, TEL-2825 Infrastructure Protection, IS-2570 Developing Secure Systems, IS-2771 Security in E-Commerce, IS-2820/TEL-2813 Security Management, TEL-2830/IS-2190 Capstone Course in Security, TEL-2829 Advanced Cryptography, LIS-2194 Information Ethics and LIS-2184 Legal Issues in Handling Information.]

Expected Pre-requisite Structure

[Figure: prerequisite graph. IS-2150/TEL-2810 Intro to Security (drawing on TEL-2000, TEL-2120, IS-2510, IS-2511, IS-2160, IS-2550 and IS-2710) leads to TEL-2820 Cryptography, IS-2570 Dev. Secure Systems, TEL-2825 Infrs. Protection, TEL-2821 Network Security and IS-2820/TEL-2813 Security Management; these in turn lead to IS-2771 E-commerce Security, TEL-2830/IS-2190 Security Capstone, TEL-2829 Adv. Cryptography and IS-2939/TEL-2938 Advanced Topics. IS numbers are not yet formalized.]

National Center of Academic Excellence in Information Assurance Education (2004-2007)
- Certified for
  - NSTISS 4011: Information Security Professionals
  - NSTISS 4012: Designated Approving Authority (DAA)
  - NSTISS 4013: System Administrator in Information Systems Security

[Sample certificate]
The Department of Information Science and Telecommunication's Laboratory of Education and Research on Security Assured Information Systems (LERSAIS), a National Center of Academic Excellence in Information Assurance Education (2004-2007), hereby certifies that Mr. John Smith has successfully completed the requirements for the DIST's IA certification in Fall 2004.

The DIST's IA certification requires a student to demonstrate competence in the following three IA courses:
- TELCOM 2810 Introduction to Computer Security
- TELCOM 2820 Cryptography
- TELCOM 2821 Network Security

These three courses have been certified by the National Security Agency (NSA) as meeting the following IA education standards set by the Committee on National Systems Security (CNSS):
- NSTISSI No. 4011, Information Systems Security Professionals
- NSTISSI No. 4012, Designated Approving Authority
- NSTISSI No. 4013, System Administrators in Information Systems Security

Ronald Larsen (Dean, School of Information Sciences)

Other Important Information
- In the process of setting up scholarships for IA education (DoD and/or NSF)
  - 2-years support (MS degree, 2 years of PhD)
  - US Citizens only
  - Requires 2 years work with a federal agency
  - Expected to start next Fall (check LERSAIS, URL: http://www.sis.pitt.edu/~lersais/)
- NSA people visiting DIST next Thursday
  - Discuss internship/job opportunities

Introduction to Security
Overview of Computer Security

"Using encryption on the internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench" – Gene Spafford

Information Systems Security
- Deals with
  - Security of (end) systems
    - Examples: Operating system, files in a host, records, databases, accounting information, logs, etc.
  - Security of information in transit over a network
    - Examples: e-commerce transactions, online banking, confidential e-mails, file transfers, record transfers, authorization messages, etc.

Basic Components of Security
- Confidentiality
  - Keeping data and resources secret or hidden
- Integrity
  - Ensuring authorized modifications
  - Includes correctness and trustworthiness
  - May refer to
    - Data integrity
    - Origin integrity
- Availability
  - Ensuring authorized access to data and resources when desired
- (Additional from NIST)
- Accountability
  - Ensuring that an entity's action is traceable uniquely to that entity
- Security assurance
  - Assurance that all four objectives are met

Interdependencies
[Figure: confidentiality, integrity, availability and accountability drawn as mutually dependent components; each one relies on the others.]

Information Security 20 years back
- Physical security
  - Information was primarily on paper
  - Lock and key
  - Safe transmission
- Administrative security
  - Control access to materials
  - Personnel screening
  - Auditing

Information security today
- Emergence of the Internet and distributed systems
  - Increasing system complexity
- Digital information needs to be kept secure
  - Competitive advantage
  - Protection of assets
  - Liability and responsibility
- Financial losses
  - The FBI estimates that an insider attack results in an average loss of $2.8 million
  - There are reports that the annual financial loss due to information security breaches is between 5 and 45 billion dollars
- National defense
  - Protection of critical infrastructures: Power Grid; Air transportation
  - Interlinked government agencies
- Bad Grade for most of the agencies
  - Severe concerns regarding security management and access control measures (GAO report 2003)

Terminology
[Figure: Requirements & Policies and the Security Architecture determine the Information Security Features or Services that protect Assets against Attackers/Intruders/Malfeasors; the features are realized by Security Mechanisms.]

Attack Vs Threat
- A threat is a "potential" violation of security
  - The violation need not actually occur
  - The fact that the violation might occur makes it a threat
  - It is important to guard against threats and be prepared for the actual violation
- The actual violation of security is called an attack

Common security attacks
- Interruption, delay, denial of receipt or denial of service
  - System assets or information become unavailable or are rendered unavailable
- Interception or snooping
  - Unauthorized party gains access to information by browsing through files or reading communications
- Modification or alteration
  - Unauthorized party changes information in transit or stored for subsequent access
- Fabrication, masquerade, or spoofing
  - Spurious information is inserted into the system or network by making it appear as if it is from a legitimate entity
- Repudiation of origin
  - False denial that an entity created something

Classes of Threats (Shirey)
- Disclosure: unauthorized access to information
  - Snooping
- Deception: acceptance of false data
  - Modification, masquerading/spoofing, repudiation of origin, denial of receipt
- Disruption: interruption/prevention of correct operation
  - Modification
- Usurpation: unauthorized control of a system component
  - Modification, masquerading/spoofing, delay, denial of service

Policies and Mechanisms
- A security policy states what is, and is not, allowed
  - This defines "security" for the site/system/etc.
  - Policy definition: Informal? Formal?
- Mechanisms enforce policies
- Composition of policies
  - If policies conflict, discrepancies may create security vulnerabilities

Goals of Security
- Prevention
  - To prevent someone from violating a security policy
- Detection
  - To detect activities in violation of a security policy
  - Verify the efficacy of the prevention mechanism
- Recovery
  - Stop policy violations (attacks)
  - Assess and repair damage
  - Ensure availability in presence of an ongoing attack
  - Fix vulnerabilities for preventing future attack
  - Retaliation against the attacker

Assumptions and Trust
- Policies and mechanisms have implicit assumptions
- Assumptions regarding policies
  - Unambiguously partition system states into "secure" and "nonsecure" states
  - Correctly capture security requirements
- Mechanisms
  - Assumed to enforce policy; i.e., ensure that the system does not enter a "nonsecure" state
  - Support mechanisms work correctly

Types of Mechanisms
- Let P be the set of all the reachable states
- Let Q be a set of secure states identified by a policy: Q ⊆ P
- Let the set of states that an enforcement mechanism restricts a system to be R
- The enforcement mechanism is
  - Secure if R ⊆ Q
  - Precise if R = Q
  - Broad if there are some states in R that are not in Q

Types of Mechanisms
[Figure: the set R of states a mechanism restricts the system to, drawn against the set Q of secure states: secure when R lies inside Q, precise when R coincides with Q, broad when R extends outside Q.]

Information Assurance
- Information Assurance Advisory Council (IAAC):
  "Operations undertaken to protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation"
- National Institute of Standards and Technology (NIST):
  "Assurance is the basis for confidence that the security measures, both technical and operational, work as intended to protect the system and the information it processes"

Assurance
- Assurance is to indicate "how much" to trust a system and is achieved by ensuring that
  - The required functionality is present and correctly implemented
  - There is sufficient protection against unintentional errors
  - There is sufficient resistance to intentional penetration or by-pass
- Basis for determining this aspect of trust
  - Specification
    - Requirements analysis
    - Statement of desired functionality
  - Design
    - Translate specification into components that satisfy the specification
  - Implementation
    - Programs/systems that satisfy a design

Operational Issues
- Cost-Benefit Analysis
  - Benefits vs. total cost
  - Is it cheaper to prevent or recover?
- Risk Analysis
  - Should we protect something?
  - How much should we protect this thing?
  - Risk depends on environment and changes with time
- Laws and Customs
  - Are desired security measures illegal?
  - Will people do them?
  - Affects availability and use of technology

Human Issues
- Organizational Problems
  - Power and responsibility
  - Financial benefits
- People problems
  - Outsiders and insiders
    - Which do you think is the real threat?
  - Social engineering

Tying all together: The Life Cycle
[Figure: Threats → Policy → Specification → Design → Implementation → Operation & Maintenance, with the human factor acting on every stage.]

Mathematics Review

Propositional logic/calculus
- Atomic, declarative statements (propositions)
  - that can be shown to be either TRUE or FALSE but not both; e.g., "Sky is blue"; "3 is less than 4"
- Propositions can be composed into compound sentences using connectives
  - Negation ¬p (NOT): highest precedence
  - Disjunction p ∨ q (OR): second precedence
  - Conjunction p ∧ q (AND): second precedence
  - Implication p → q: q is a logical consequence of p
- Contradiction: Formula that is always false: p ∧ ¬p
- Tautology: Formula that is always true: p ∨ ¬p
- Construct truth tables??

Predicate/first order logic
- Propositional logic plus variables, quantifiers, constants and functions
- Consider the sentence: Every directory contains some files
  - Need to capture "every" and "some"
  - F(x): x is a file
  - D(y): y is a directory
  - C(x, y): x is a file in directory y
- Existential quantifier ∃ (There exists)
  - E.g., ∃x is read as "there exists some x"
- Universal quantifier ∀ (For all)
  - ∀y D(y) → (∃x (F(x) ∧ C(x, y))) is read as: for every y, if y is a directory, then there exists an x such that x is a file and x is in directory y

Mathematical Induction
- Proof technique - to prove some mathematical property
- E.g., want to prove that M(n) holds for all natural numbers
  - Base case: Prove that M(1) holds
  - Induction Hypothesis: Assert that M(n) holds for n = 1 to k
  - Induction Step: Prove that if M(k) holds then M(k+1) holds
- Exercise: prove that the sum of the first n natural numbers is
  1 + … + n = n(n + 1)/2
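The slide's exercise, carried through as an added worked proof (not part of the original slides):

```latex
\text{Claim } M(n):\quad 1 + 2 + \cdots + n = \frac{n(n+1)}{2}\quad\text{for all } n \ge 1.

\text{Base case } (n = 1):\quad 1 = \frac{1 \cdot 2}{2},\ \text{so } M(1) \text{ holds.}

\text{Induction hypothesis: assume } M(k) \text{ holds, i.e. } 1 + \cdots + k = \frac{k(k+1)}{2}.

\text{Induction step: } 1 + \cdots + k + (k+1)
  = \frac{k(k+1)}{2} + (k+1)
  = \frac{k(k+1) + 2(k+1)}{2}
  = \frac{(k+1)(k+2)}{2},

\text{which is exactly } M(k+1). \text{ By induction, } M(n) \text{ holds for every natural number } n.
```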

Lattice
- Let S be a set
- Cartesian product: S x S
- Binary relation R on S is a subset of S x S
- If (a, b) ∈ R we write aRb
  - Example: R is "less than or equal to" (≤)
  - If S = {1, 2, 3} then R is {(1, 1), (1, 2), (1, 3), ????}
  - (1, 2) ∈ R is another way of writing 1 ≤ 2
- Properties of relations
  - Reflexive: aRa for all a ∈ S
  - Anti-symmetric: aRb and bRa implies a = b for all a, b ∈ S
  - Transitive: aRb and bRc imply aRc for all a, b, c ∈ S
  - Which properties hold for "less than or equal to" (≤)?

Lattice
- Total ordering: when the relation orders all elements
  - E.g., "less than or equal to" (≤) on natural numbers
- Partial ordering (poset): when the relation orders only some elements, not all
  - E.g., "less than or equal to" (≤) on complex numbers; consider (2 + 4i) and (3 + 2i)
- Upper bound (u, a, b ∈ S)
  - u is an upper bound of a and b means aRu and bRu
  - Least upper bound: lub(a, b), the closest upper bound
- Lower bound (l, a, b ∈ S)
  - l is a lower bound of a and b means lRa and lRb
  - Greatest lower bound: glb(a, b), the closest lower bound

Lattice
- A lattice is the combination of a set of elements S and a relation R meeting the following criteria
  - R is reflexive, antisymmetric, and transitive on the elements of S
  - For every s, t ∈ S, there exists a greatest lower bound
  - For every s, t ∈ S, there exists a least upper bound
- What about S = {1, 2, 3} and R = ≤?
- What about S = {2+4i, 1+2i, 3+2i, 3+4i} and R = ≤?
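The two questions above, worked as an added example that is not part of the original slides: the code builds R as a set of pairs, tests the three relation properties, and looks for a lub and glb of every pair. It reads ≤ on complex numbers componentwise (an assumption; the slide's 2+4i versus 3+2i example implies it) and also shows what breaks once 3+4i is removed from the set.

```python
from itertools import product

# Constructed inputs: the two questions from the slide.
S_NAT = {1, 2, 3}
S_CPLX = {2 + 4j, 1 + 2j, 3 + 2j, 3 + 4j}


def leq_nat(a, b):
    return a <= b


def leq_cplx(a, b):
    # "≤" on complex numbers taken componentwise: a ≤ b iff Re(a) ≤ Re(b) and Im(a) ≤ Im(b).
    # Assumption: this is the reading of ≤ behind the slide's (2 + 4i) vs (3 + 2i) example.
    return a.real <= b.real and a.imag <= b.imag


def relation(S, leq):
    """The relation R ⊆ S x S as the set of pairs (a, b) with aRb."""
    return {(a, b) for a, b in product(S, repeat=2) if leq(a, b)}


def is_partial_order(S, R):
    reflexive = all((a, a) in R for a in S)
    antisymmetric = all(a == b for a, b in product(S, repeat=2)
                        if (a, b) in R and (b, a) in R)
    transitive = all((a, c) in R for a, b, c in product(S, repeat=3)
                     if (a, b) in R and (b, c) in R)
    return reflexive and antisymmetric and transitive


def is_total_order(S, R):
    # total: every pair is comparable in at least one direction
    return is_partial_order(S, R) and all((a, b) in R or (b, a) in R
                                          for a, b in product(S, repeat=2))


def lub(S, R, a, b):
    """Least upper bound of a and b in S, or None if it does not exist."""
    uppers = [u for u in S if (a, u) in R and (b, u) in R]
    least = [u for u in uppers if all((u, v) in R for v in uppers)]
    return least[0] if least else None


def glb(S, R, a, b):
    """Greatest lower bound of a and b in S, or None if it does not exist."""
    lowers = [l for l in S if (l, a) in R and (l, b) in R]
    greatest = [l for l in lowers if all((v, l) in R for v in lowers)]
    return greatest[0] if greatest else None


def is_lattice(S, R):
    """(S, R) is a lattice iff R is a partial order and every pair has a lub and a glb."""
    return is_partial_order(S, R) and all(
        lub(S, R, a, b) is not None and glb(S, R, a, b) is not None
        for a, b in product(S, repeat=2))
```

For the complex set, 2+4i and 3+2i are incomparable, yet lub(2+4i, 3+2i) = 3+4i and glb(2+4i, 3+2i) = 1+2i both lie in S, so the poset is a lattice; drop 3+4i and the lub disappears.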

Access Control Matrix

Protection System
- State of a system
  - Current values of
    - memory locations, registers, secondary storage, etc.
    - other system components
- Protection state (P)
  - A system state that is considered secure
- A protection system
  - Describes the conditions under which a system is secure (in a protection state)
  - Consists of two parts:
    - A set of generic rights
    - A set of commands
- State transition
  - Occurs when an operation (command) is carried out

Protection System
- Subject (S: set of all subjects)
  - Active entities that carry out an action/operation on other entities; e.g.: users, processes, agents, etc.
- Object (O: set of all objects)
  - E.g.: processes, files, devices
- Right
  - An action/operation that a subject is allowed/disallowed on objects

Access Control Matrix Model
- Access control matrix
  - Describes the protection state of a system.
  - Characterizes the rights of each subject
  - Elements indicate the access rights that subjects have on objects
- ACM is an abstract model
  - Rights may vary depending on the object involved
- ACM is implemented primarily in two ways
  - Capabilities (rows)
  - Access control lists (columns)

Access Control Matrix

Access Matrix (o: own, r: read, w: write)

        f1       f2       f3       f4       f5       f6
  s1    -        o, r, w  o, r, w  -        w        -
  s2    o, r, w  r        -        -        o, r, w  -
  s3    -        r        r        o, r, w  r        o, r, w

Capabilities (rows)
  s1: f2 (o, r, w), f3 (o, r, w), f5 (w)
  s2: f1 (o, r, w), f2 (r), f5 (o, r, w)
  s3: f2 (r), f3 (r), f4 (o, r, w), f5 (r), f6 (o, r, w)

Access Control Lists (columns)
  f1: s2 (o, r, w)
  f2: s1 (o, r, w), s2 (r), s3 (r)
  f3: s1 (o, r, w), s3 (r)
  f4: s3 (o, r, w)
  f5: s1 (w), s2 (o, r, w), s3 (r)
  f6: s3 (o, r, w)

23
Access Control Matrix State Transitions
Hostnames Telegraph Nob Toadflax
Telegraph own ftp ftp z Let initial state X0 = (S0, O0, A0)
Nob ftp, nsf, mail, own ftp, nfs, mail z Notation
Toadflax ftp, mail ftp, nsf, mail, own
{Xi ├τi+1 Xi+1 : upon transition τi+1, the system
moves from state Xi to Xi+1
{X ├* Y : the system moves from state X to Y
Counter Inc_ctr Dcr_ctr Manager after a set of transitions
Inc_ctr + {Xi ├ ci+1 (pi+1,1, pi+1,2, …, pi+1,m) Xi+1 : state
transition upon a command
Dcr_ctr -
z For every command there is a sequence
manager Call Call Call
of state transition operations
IS 2935 / TEL 2810: Introduction to Computer Security 47 IS 2935 / TEL 2810: Introduction to Computer Security 48

24
Primitive commands (HRU)
  Create subject s        Creates new row, column in ACM
  Create object o         Creates new column in ACM
  Enter r into a[s, o]    Adds r right for subject s over object o
  Delete r from a[s, o]   Removes r right from subject s over object o
  Destroy subject s       Deletes row, column from ACM
  Destroy object o        Deletes column from ACM

Create Subject
- Precondition: s ∉ S
- Primitive command: create subject s
- Postconditions:
  - S′ = S ∪ {s}, O′ = O ∪ {s}
  - (∀y ∈ O′)[a′[s, y] = ∅] (row entries for s)
  - (∀x ∈ S′)[a′[x, s] = ∅] (column entries for s)
  - (∀x ∈ S)(∀y ∈ O)[a′[x, y] = a[x, y]]

Create Object
- Precondition: o ∉ O
- Primitive command: create object o
- Postconditions:
  - S′ = S, O′ = O ∪ {o}
  - (∀x ∈ S′)[a′[x, o] = ∅] (column entries for o)
  - (∀x ∈ S)(∀y ∈ O)[a′[x, y] = a[x, y]]

Add Right
- Precondition: s ∈ S, o ∈ O
- Primitive command: enter r into a[s, o]
- Postconditions:
  - S′ = S, O′ = O
  - a′[s, o] = a[s, o] ∪ {r}
  - (∀x ∈ S′ – {s})(∀y ∈ O′ – {o})[a′[x, y] = a[x, y]]

Delete Right
- Precondition: s ∈ S, o ∈ O
- Primitive command: delete r from a[s, o]
- Postconditions:
  - S′ = S, O′ = O
  - a′[s, o] = a[s, o] – {r}
  - (∀x ∈ S′ – {s})(∀y ∈ O′ – {o})[a′[x, y] = a[x, y]]

Destroy Subject
- Precondition: s ∈ S
- Primitive command: destroy subject s
- Postconditions:
  - S′ = S – {s}, O′ = O – {s}
  - (∀y ∈ O′)[a′[s, y] = ∅] (row entries removed)
  - (∀x ∈ S′)[a′[x, s] = ∅] (column entries removed)
  - (∀x ∈ S′)(∀y ∈ O′)[a′[x, y] = a[x, y]]

Destroy Object
- Precondition: o ∈ O
- Primitive command: destroy object o
- Postconditions:
  - S′ = S, O′ = O – {o}
  - (∀x ∈ S′)[a′[x, o] = ∅] (column entries removed)
  - (∀x ∈ S′)(∀y ∈ O′)[a′[x, y] = a[x, y]]
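An added example, not from the slides or from Bishop's text, that serves both the access matrix / capability / ACL slide and the six HRU primitive commands above: the class keeps the matrix as a[(x, y)], implements each primitive with its precondition and postconditions, derives the row (capability) and column (ACL) views, and rebuilds the slide's s1..s3 over f1..f6 matrix from primitives alone. grant_read is a hypothetical conditional command composed from those primitives.

```python
class ACM:
    """Access control matrix a[(x, y)]: the rights subject x holds over object y."""

    def __init__(self):
        self.S, self.O, self.a = set(), set(), {}   # subjects, objects, matrix

    def rights(self, x, y):
        return self.a.get((x, y), set())

    def _check(self, cond, what):
        if not cond:                      # every primitive checks its precondition first
            raise ValueError(f"precondition failed: {what}")

    def create_subject(self, s):
        self._check(s not in self.S, "s ∉ S")
        self.S.add(s)                     # S' = S ∪ {s}, O' = O ∪ {s}: a subject is also an object
        self.O.add(s)
        for y in self.O:                  # new row:    a'[s, y] = ∅
            self.a.setdefault((s, y), set())
        for x in self.S:                  # new column: a'[x, s] = ∅
            self.a.setdefault((x, s), set())

    def create_object(self, o):
        self._check(o not in self.O, "o ∉ O")
        self.O.add(o)                     # O' = O ∪ {o}
        for x in self.S:                  # new column: a'[x, o] = ∅
            self.a[(x, o)] = set()

    def enter(self, r, s, o):
        self._check(s in self.S and o in self.O, "s ∈ S, o ∈ O")
        self.a.setdefault((s, o), set()).add(r)        # a'[s, o] = a[s, o] ∪ {r}

    def delete(self, r, s, o):
        self._check(s in self.S and o in self.O, "s ∈ S, o ∈ O")
        self.a.setdefault((s, o), set()).discard(r)    # a'[s, o] = a[s, o] - {r}

    def destroy_subject(self, s):
        self._check(s in self.S, "s ∈ S")
        self.S.discard(s)                 # S' = S - {s}, O' = O - {s}
        self.O.discard(s)
        self.a = {k: v for k, v in self.a.items() if s not in k}   # drop row and column

    def destroy_object(self, o):
        self._check(o in self.O, "o ∈ O")
        self.O.discard(o)                 # O' = O - {o}
        self.a = {k: v for k, v in self.a.items() if k[1] != o}    # drop the column only

    def capability_list(self, s):         # row view: what subject s may do
        return {y: self.rights(s, y) for y in sorted(self.O) if self.rights(s, y)}

    def acl(self, o):                     # column view: who may act on object o
        return {x: self.rights(x, o) for x in sorted(self.S) if self.rights(x, o)}


def grant_read(m, p, q, f):
    """Hypothetical conditional HRU command built from primitives: p confers read on f
    to q only if p owns f. Returns whether the state transition took place."""
    if "o" not in m.rights(p, f):
        return False
    m.enter("r", q, f)
    return True


def slide_matrix():
    """Build the slide's sample matrix (s1..s3 over f1..f6) with primitives only."""
    m = ACM()
    for s in ("s1", "s2", "s3"):
        m.create_subject(s)
    for f in ("f1", "f2", "f3", "f4", "f5", "f6"):
        m.create_object(f)
    grants = {("s1", "f2"): "orw", ("s1", "f3"): "orw", ("s1", "f5"): "w",
              ("s2", "f1"): "orw", ("s2", "f2"): "r", ("s2", "f5"): "orw",
              ("s3", "f2"): "r", ("s3", "f3"): "r", ("s3", "f4"): "orw",
              ("s3", "f5"): "r", ("s3", "f6"): "orw"}
    for (s, o), rs in grants.items():
        for r in rs:
            m.enter(r, s, o)
    return m
```

Because a command is only a sequence of primitives guarded by a condition on the current matrix, the precondition checks in the primitives are what keep an ill-formed command from leaving the protection state inconsistent.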
