CSE 127: Lecture 3
In this lecture we finished up topics from
lecture 1 and
lecture 2, mentioned the concept of
the weakest link, and I gave you an
In addition to the desirable security properties from earlier, an
important notion is that of the weakest link. A smart attacker will
look for the weakest link in the computer system's defensive armor,
and so the efforts to secure a system should be directed at the
weakest link. A real life analogy to this is protecting your home
from a robber who wants to break in and steal your valuables. Adding
steel reinforcements to your front door is not very useful if you have
a nice large plate glass window that can be easily broken.
Of course, we may not want to get rid of our nice picture window.
This brings us to the notion of when are the security measures enough.
Certainly, living in a fortress is not as pleasant as living in a
normal home -- and while it is possible to build very secure computer
systems, those systems will end up being not very usable. The primary
mission of the computer system is to let you do your work -- for
example, to build software for some new product (majority of
programmers); to conduct research / teach (for me); and to do homework
/ learn (for you). Determining the proper amount of security is
difficult, and we'll discuss this some more later in the quarter.
Send me email from your OCE Unix account, with the Subject of
CSE127. If you do not have an OCE account, you will need to
get some form of ACS unix account -- email me or come speak to me.
This is due midnight Wednesday January 16. Get your computer accounts
search CSE |
bsy's home page |
firstname.lastname@example.org, last updated Mon Mar 25 15:22:10 PST 2002. Copyright 2002 Bennet Yee.