June 9, 1999
3085 ENG II

In attendance:

Karl Levitt (KL), Jim Hoagland (JH), Michael Gertz (MG), Kimberly Knowles (KK), Christina Chung (CC), Brant Hashii (BH), Dave Peticolas (DP), Aaron Keen (AK), Mark Heckman (MH), Jason Schatz (JS)

  1. Goals of Policy Group
    1. KL: New BAAs from DARPA on policy this summer.
    2. KL: Policy is inherent in all computer security research. Jim Moore states that if there is no policy, the system won't enforce it.
    3. KL: Interested in Examples
      1. At the seminar today, Paul McNabb talked out trusted operating systems. The goal was to take a mandatory policy, compile it into the operating system kernel, reference monitor - statistically and dynamically update the policy. Trusted pipelines - forwarding chains that each person must sign. It wasn't clear which policy was enforced.
        1. MG: Don't want to recompile the kernel all the time.
        2. KL: Todd Heberlein asked why do it in a kernel when you can do it in an IDS?
      2. MG: Interested in specifying policies in OCL
  2. Direction for Policy Group
    1. Read Policy papers - is OCL a good vehicle for policy. Summarize several at meetings 5-10 minutes each
    2. Prepare for Proposals that will be due in July or August.
    3. Christina and Kimberly will not be here for the summer, but Dave, Aaron, Mark, Jason and Jim will be here.
    4. Categorization of Policy Papers
      1. MG: Describe a set of features of each language
      2. JS: Categorize the expressiveness of languages
      3. KL: Look at examples; Describe obligations of deonitic language
    5. We'll meet again in two weeks to discuss papers.