CS 487: Building Secure Computer Systems

Introduction

As we move ever more of our life online, the Internet presents a rich treasure trove to attackers. These attackers attempt to steal our money, sensitive personal information, corporate and government secrets, elections, and many other targets.

Computer security is about what happens when the attacker comes in contact with the software system. Because the ultimate attacker is human---and therefore intelligent---the attacker changes their attack in response to evolving software. As a result, attacks are constantly evolving, rendering defences against yesterday's attacks useless against new attacks. Thus, defending against specific attacks is doomed to failure; instead, a systematic approach to security is needed. This course seeks to provide that systematic approach.

We consider the various attackers and their motivation; the threats they pose to computer systems; the security services which both enable and limit authorized user actions; the way that programs fail under attack and thus allow attackers to take over systems; the role that systems layers play in security; the techniques for building security critical systems; and the ways organizations set up their authentication/authorization to limit the damage done by insiders, customers, and the public.

This is not a programming intensive course like CS 485 (Network Operating System Programming). Insecure programs (seem) to work fine until attacked, so to build secure systems the programmer/system administrator must understand and anticipate what can go wrong as well as use security-specific software.

Announcements

  • aug.27: Servers
    • piazza available: piazza.com/uic/fall2020/cs487
    • zoom video for class
    • video and assignment archive: box.com
  • aug.14: Course web page created
  • aug.13: Course available for Fall'20

Syllabus

  • system software stack (including OS, VM, compilers, runtime): its impact on the security of systems and applications
  • security holes: how software fails
  • access controls and authorization: limiting what individual users and programs can do
  • authentication: determining with whom you are communicating
  • crypto overview: crypto primitives, which are the building blocks of secure systems
  • secure networking: how to prevent network communications from being read or tampered with

Required Text

    We'll be using my manuscript. It's over 500 pages at this point (we cover about 1/2 in this course) plus front and back matter. In addition, we'll supplement it to talk about some more recent attacks such as Spectre and Meltdown.

Required work

  1. Projects (70%): we will have 4-5 projects. We'll focus on protecting rather than attacking systems. Here is a preliminary set of assignments:
    1. Access controls on Linux: this will explore the use of access controls to protect applications from attacks
    2. Crypto: this will explore different classes of crypto operations to perform various security services
    3. Encrypted and Authenticated networking: implement a pseudo-application whose networking is protected from tampering and reading, and endpoints are authenticated
    4. Security holes: detecting and fixing security holes in programs
  2. Participation (30%)

Recommended Reading

  • Ross Anderson, Security Engineering, John Wiley. (Really nice discussions of many topics and very readable. Highly recommended.)
  • Pfleeger and Pfleeger, Security in Computing, Prentice-Hall, 3rd Edition. (Used previously for this course, good coverage of OS issues.)
  • Gollmann, Computer Security, John Wiley. (Broad coverage, but terse)

Jon A. Solworth
Last modified: 9 January 2022