In this talk, we'll discuss a 10,000-foot view of systems security. I'll go through many of the fundamental concepts around access control: the access control matrix, its implementation in access-control list and capability table mechanisms, some insights into how access to different system resources might be assigned through the constrained information flow of the Bell-LaPadula policy, and, finally, the goals of a real implementation of a secure OS and its reference monitor.
