CS 587: Computer Systems Security

A note about the course

This is a broad, conceptual course about computer security---% the problems we expore here are relevant to servers, desktops, phones, and the web. In general, computer security is the study of what is the effect on computing when there are attackers. The attacker is by defintion an intelligent adversary. Thus the attacker will seek the weakest link(s) in attacking a system. This threat cannot be defended against by a single technique or a single set of techniques. This course paints a broad picture of computer security, with an emphasis on how computer security affects computer systems.

This is a systems course, so it is advisable that students have some systems background and hence it is desirable to have a background in CS 385, CS 366, and/or CS 450. This is not a programming intensive course like CS 485 (Network Operating System Programming).

Announcements

  • First Ethos program: Ethos stores log entries under the /log directory, in general one subdirectory per program (such as kernel, applications, ...) You are to write a program: logGrep path expr where path is a path to which "/log/" is pre-pended and expr is an arbitrary regular expression. logGrep searches through the log directory, reads in each string, does a pattern match against it, and outputs to directory /user/me/matches the matching lines. Due: 24 Oct, Midnight

Required Text

    We'll be using my manuscript which we used last time. Its over 500 pages at this point (we cover about 1/2 in this course) plus front and back matter.

Required work

  1. 1 Midterm (20%)
  2. 1 Final (30%)
  3. Class Project (30%)
  4. Programming project (Ethos) (10%)
  5. Homeworks (10%)

Description

This course explores in depth Computer Security. Computer security is a subject of growing concern as a result of increasing
  1. number of computers on the Internet;
  2. number of services on the Internet;
  3. amount of sensitive information on the Internet;
  4. reliance on computers for organizations; and
  5. commonality of software and hardware.

Syllabus

This course will examine:
  • Definition of computer security
  • Computer systems structure and its impact on security
  • Attacks
  • Errant programs
  • Assurance that systems meet their security goals
  • Security models (eg. Chinese Wall, Bell-LaPadula, and Clark Wilson) and properties (eg. information flow, non-interference, separation of duties)
  • Authentication
  • Access control models, their use and analysis (eg. POSIX/Unix models, Lattice, Type enforcement, LEAP)
  • Covert channels and their analysis
We shall examine these issues from the perspective of the white hats--those that protect the system--and the black hats--those that attack the system.

This is a systems course, and while it is intended to be self-contained will explore issues primarily in software including operating systems and applications software.

Recommended Reading

  • Ross Anderson, Security Engineering, John Wiley. (Really nice discussions of many topics and very readable. Highly recommended.)
  • Pfleeger and Pfleeger, Security in Computing, Prentice-Hall, 3rd Edition. (Used previously for this course, good coverage of OS issues.)
  • Gollmann, Computer Security, John Wiley. (Broad coverage, but terse)

Undergraduates wishing to take the course should send me email with the following information:

  • Number of completed credit hours
  • Any required courses not yet taken.
  • List of 400 level courses taken (and grades achieved).
  • Background in OS
  • Are you requesting course count as a technical elective (this will be harder)
  • Have you filed a petition?
  • Reason for wanting to take the course

Jon A. Solworth
Last modified: 29 August 2012