Materials

You can use the L19 slides (pdf) to take notes. L19 annotated slides (pdf) from lecture have my drawings.

Please see piazza@439 for a link to the recorded video.

Summary

• Threat modeling: what are 3 basic steps?
• Understand 4 major security principles and 4 heuristics, test yourself with the principles so that when you are confronted with a scenario, you can identify which principles are most relevant, how to apply the principles to improve the systems-level security.
  • defense-in-depth, open design, least privilege, separation of privelege
  • logging, work factors, defaults, simplicity, mediation