CS 587: Computer Systems Security

Introduction

This is a broad, conceptual course about computer security---the study of what happens when an attacker comes in contact with a software system. Because the ultimate attacker is human---and therefore intelligent---protecting against individual attacks results in the attacker changing her attack. As a result, computer security is constantly changing and thus as the system defenders up their game, so too do the attackers. Thus, defending against specific attacks is doomed to failure, instead a systematic approach to security is needed. This course seeks to provide that systematic approach.

We consider the various attackers and their motivation; the threats they pose to computer systems; the security services which both enable and limit authorized user actions; the way that programs fail under attack and thus allow attackers to take over systems; the role that systems layers (hardware, operating systems, virtual machines, programming languages, browsers, etc) play in security; the techniques for building security critical systems; and the ways organizations set up their authentication/authorization to limit the damage done by insiders, customers, and the public.

Insecure systems stem both from both the nature of software and the way we have built our software stacks. We shall explore the tradeoffs that result.

This is a systems course, so it is advisable that students have some systems background such as CS 361. This is not a programming intensive course like CS 485 (Network Operating System Programming).

Announcements

  • We'll teach the first 2 weeks of the semester remotely
  • Using the following tools
    • uofi.box.com: assignments, documentation, software distribution.
      • You should have received an invite on your uic email address (if not, let me know).
      • Once you have the invite, if box is not enabled for you, go to https://box.illinois.edu/ and enable it.
    • piazza.com: discussion of class issues
    • uic.zoom.us: remote lectures
    • This page: deadlines for various assignments
  • Zoom CS 587 Zoom

Required Text

    We'll be using my manuscript. Its over 500 pages at this point (we cover about 1/2 in this course) plus front and back matter. In addition, we'll supplement it to talk about some more recent attacks such as Spectre and Meltdown.

Required work

  1. Homeworks (15%)
  2. Programming assignment (15%)
  3. Class Project (50%)
  4. Presentations (20%)

Syllabus

This course will examine:
  • Definition of computer security
  • Computer systems structure and its impact on security
  • Attacks
  • Classes of programs which have security failures
  • Taxonomy of security holes
  • Assurance that systems meet their security goals
  • Security models (eg. Chinese Wall, Bell-LaPadula, and Clark Wilson) and properties (eg. information flow, non-interference, separation of duties)
  • Authentication
  • Access control models, their use and analysis (eg. POSIX/Unix models, Lattice, Type enforcement, LEAP)
  • Covert channels and their analysis
We shall examine these issues from the perspective of the white hats--those that protect the system--and the black hats--those that attack the system.

Recommended Reading

  • Ross Anderson, Security Engineering, John Wiley. (Really nice discussions of many topics and very readable. Highly recommended.)
  • Pfleeger and Pfleeger, Security in Computing, Prentice-Hall, 3rd Edition. (Used previously for this course, good coverage of OS issues.)
  • Gollmann, Computer Security, John Wiley. (Broad coverage, but terse)

Undergraduates wishing to take the course should send me email with the following information:

  • Number of completed credit hours
  • List of CS courses taken.
  • GPA
Jon A. Solworth
Last modified: 18 August 2019