Term
Trusted Computing Base (TCB) |
|
Definition
HW/Processor Firmware/Driver SW/OS
ensures security policy is implemented system is secure |
|
|
Term
|
Definition
line that surrounds TCB; seperates untrusted and trusted parts of system |
|
|
Term
Computer Architecture Design (3 steps) aka building TCB |
|
Definition
1. HW Design 2. Firmware/SW development 3. SW protection designed
allows RM to control access |
|
|
Term
Layered Protection (layered defense) |
|
Definition
building security into various components; penetration involves going through multiple layers |
|
|
Term
Component Security Protection |
|
Definition
Protection must be provided for all components of a system (from client/servers, to PDAs, smart phones, etc) |
|
|
Term
HW Architecture Components (7) |
|
Definition
CPU Primary Storage Secondary Storage Virtual Memory I/O Devices Computer Bus Drivers |
|
|
Term
SW Architecture Components (2) |
|
Definition
Operating System (1st line of defense; ctrls activity of apps & I/O) Application Programs |
|
|
Term
|
Definition
Multitasking (CPU processes multiple tasks by multiple applications)
Multithreading (split program into multiple tasks)
Multiprocessing (multiple CPUs to multiple tasks/applications) |
|
|
Term
|
Definition
SW used on HW devices to control their functions; stored on ROM |
|
|
Term
Distributed System Architecture |
|
Definition
# of networked computers to share applications processes/data; requires RM on server: authorize network access & resource; then Data |
|
|
Term
Security Model Categories (9) |
|
Definition
Lattice Non-Interference Information Flow BLP Biba Clark-Wilson Graham-Denning Harrison-Ruzzo-Ulman Brewer-Nash |
|
|