Week 12: Protection

Lecture notes:
Protection: Lecture slides (6 per page)
Supplemental notes:
The Apple Sandbox, Dionysus Blazakis, January 11, 2011.
A Linux Implementation of Windows ACLs, William Mahoney, James Harr, IJCSNS International Journal of Computer Science and Network Security, VOL.10 No.7, July 2010 (a high-level overview of the difference between ACLs in Windows and Linux)

protection, security, principle of least privilege, privilege separtion, setuid, identification, authentication, identification vs. authentication, integrity, confidentiality, availability, access matrix, domain transfers, domain delegation, access control list, capability list, discretionary access control (DAC), mandatory access control (MAC), multi-level secure (MLS) access control and the Bell-LaPadula model, multi-factor authentication, password authentication protocol (PAP), storing a password hash.