Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 2: Security Policy Models Fred Chong CS290N Architectural Support for Secure and Reliable Computing.

Published byTheresa Blea Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 2: Security Policy Models Fred Chong CS290N Architectural Support for Secure and Reliable Computing."— Presentation transcript:

1 Lecture 2: Security Policy Models Fred Chong CS290N Architectural Support for Secure and Reliable Computing

2 Multi-Level vs Multi-Lateral Policies

3 Bell-La Padua Policy

4 BLP vs BIBA

5 Biba

6 Example: BLP password file protection Password file is “high” Network reads and writes are “low” Malware from the network is “low,” can’t read password file (read of “high” from “low”) Even if Malware becomes “high” somehow, can’t write password data to the network (write of “high” to “low”)

7 Example: Biba protects system files System files are “high” Malware from the network is “low” Malware can’t write to system files (“low” writes to “high”) Hardware dynamic information flow tracking techniques (taint tracking) implement Biba

8 Chinese Wall

9 BLP vs Chinese Wall

10 Clark-Wilson

11 BLP vs Clark-Wilson

12 BLP with Codewords “Need to know” A Lattice Model

13 BMA medical record policy

Download ppt "Lecture 2: Security Policy Models Fred Chong CS290N Architectural Support for Secure and Reliable Computing."

Similar presentations

Information Flow and Covert Channels November, 2006.

Information Flow and Covert Channels November, 2006.
CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 34 Fall 2002.
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.

SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
Open-MS (Open-Management System) Ethan Hann 3.30.2010.

Open-MS (Open-Management System) Ethan Hann
MITP 458 Application Layer Security By Techjocks.

MITP 458 Application Layer Security By Techjocks.
Verifiable Security Goals

Verifiable Security Goals
Chapter 8 Multilateral Security Information flowing across boundaries.

Chapter 8 Multilateral Security Information flowing across boundaries.
1 Clark Wilson Implementation Shilpa Venkataramana.

1 Clark Wilson Implementation Shilpa Venkataramana.
CS526Topic 21: Integrity Models1 Information Security CS 526 Topic 21: Integrity Protection Models.

CS526Topic 21: Integrity Models1 Information Security CS 526 Topic 21: Integrity Protection Models.
1 RAKSHA: A FLEXIBLE ARCHITECTURE FOR SOFTWARE SECURITY Computer Systems Laboratory Stanford University Hari Kannan, Michael Dalton, Christos Kozyrakis.

1 RAKSHA: A FLEXIBLE ARCHITECTURE FOR SOFTWARE SECURITY Computer Systems Laboratory Stanford University Hari Kannan, Michael Dalton, Christos Kozyrakis.
Policy, Models, and Trust 1. Security Policy A security policy is a well-defined set of rules that include the following: Subjects: the agents who interact.

Policy, Models, and Trust 1. Security Policy A security policy is a well-defined set of rules that include the following: Subjects: the agents who interact.
Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004.

Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004.
Lecture 3: Access Control Fred Chong CS290N Architectural Support for Secure and Reliable Computing.

Lecture 3: Access Control Fred Chong CS290N Architectural Support for Secure and Reliable Computing.
CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
FORESEC Academy FORESEC Academy Security Essentials (II)

FORESEC Academy FORESEC Academy Security Essentials (II)
J Carpenter 2008 702904 & 711908 lecture -05 1 702904 & 711908 Information Security 2008 Lecture 5 Access Control, Security Models.

J Carpenter & lecture & Information Security 2008 Lecture 5 Access Control, Security Models.
1 A pattern language for security models Eduardo B. Fernandez and Rouyi Pan Presented by Liping Cai 03/15/2006.

1 A pattern language for security models Eduardo B. Fernandez and Rouyi Pan Presented by Liping Cai 03/15/2006.

Similar presentations

Ads by Google