CSE 127 Study Guide - Fall 2018, Comprehensive Midterm Notes - Trust Law, Threat Model, Word Processor

Computer security - providing functionality, not about functionality. Property of the entire system, not about a particular feature. 2 competing philosophies: binary model - secure or insecure. Proof of security , secure by design , trustworthy systems : risk management model - more secure or less secure. If they see the data, you can prove categorically that they cannot learn anything about it. String of random bits same length as plaintext, xor data w/ the random string (cid:3247)ciphertext(cid:3248) Probability that a given message is encoded in the ciphertext is unaltered by knowledge of the ciphertext. Problems w/ binary model: abstract design != concrete artifact. Many assumptions are brittle in real systems. We delude ourselves into thinking that we understand our own creations. Nobody knows how these systems really work. Complex systems co-evolve w/ attacks against them. One vulnerability can matter! (still some vulnerabilities remaining) You never win - best case you can do is play catch-up .