The practice of computer security draws on the principles and mechanisms discussed in Parts 1 through 7. Part 8 explores the application of these ideas and tools in four different settings. Each chapter considers a particular situation and discusses solutions that include various levels of security. Beginning with policy considerations, each chapter develops a security architecture and deploys appropriate mechanisms to provide the desired level of security.

Chapter 26, “Network Security,” considers a corporation that must provide public access to some information but limit access to other information even within the company. It derives parts of a network configuration and security mechanisms that support the policy.

Chapter 27, “System Security,” examines two systems in the corporation's network. One is an infrastructure machine in the DMZ (demilitarized zone) and the other is a developer workstation. This chapter discusses an appropriate policy for each, and from parts of that policy derives system configurations and mechanisms that support the security policy.

Chapter 28, “User Security,” shows how components of a site policy and a user's personal policy lead to the user configuring her environment to provide protection for her programs and data.

Chapter 29, “Program Security,” begins with the requirements for a program. Policy considerations flow from these requirements and from the environment in which the program is to be used, and from these policy considerations are developed the security mechanisms that the program must implement. This chapter concludes with a discussion of common errors that cause vulnerabilities in privileged programs.