Reading List

Below is a basic reading list in operating systems, networks, and security. There is a mix of conceptual books (Nutt; Kurose; Anderson; and Kaufmann) and programming books (Stevens; Stevens; Beck). The books are listed in no particular order: I suggest Ross Anderson's book as a first book in security; students should read these books in the order dicatated by their interests and backgrounds.

We also have an extensive bibliography of research articles maintained as a git repository.

  • Ross Anderson, Security Engineering, Wiley, 2002. Very broad book on computer security and security in general. The first edition is available for free on-line, the second edition has to be bought.
  • Maurice Bach, The design of the UNIX operating System, Prentice-Hall, 1986. This book is old, before OSs got so complex. That's a good thing, so this is the first book I recommend on OS kernel internals.
  • Jim Gray and Andreas Reueter: Transaction Processing: Concepts and Techniques, Morgan-Kaufman. Good book on system designs and transactions in particular. Transactions are one of the most brilliant ideas in systems, well worth reading this book to expore how to implement them.
  • David Chisnall, The definitive guide to the Xen hypervisor, Prentice-Hall. If your going to hack an OS on top of Xen (this is the way Ethos is implemented), this is the book you need.
  • James Kurose and Keith Ross, Introduction to Networking: A Top-Down Approach Featuring the Internet, Addison-Wesley. Excellent conceptual intro to networks.
  • Charlie Kaufman, Radia Perlman and Mike Speciner, Network Security: Private Communication in a Public World, 2nd ed., Prentice-Hall, 2002.
  • W. Richard Stevens, Advanced Programming in the UNIX Environment, Addison-Wesley, 1992. Programming and advanced use of OS resources.
  • W. Richard Stevens, UNIX Network Programming, Volume 1, Second Edition: Networking APIs: Sockets and XTI, Prentice Hall, 1998. Network programming.
  • M. Beck, H. Bohme, M. Dziadzka, U. Kunitz, R. Magnus, C. Schroter, D. Verworner, "Linux Kernel Programming", 3rd Ed., Addison-Wesley. Intro to Linux kernel programming.

Students wishing to join the lab

The lab is highly experimental. Students typically spend a significant amount of time designing and then implementing a project. The projects can be either system code or simulators intended to study computer systems security and networks. This system code is now centering on Ethos, an operating system we are building and on the system code which runs on top of Xen. We also do some theoretical work related to these projects, usually in conjunction with other faculty.

The most demanding task we are involved in is the implementation of the Ethos kernel and userspace code. As Ethos is not compatible with UNIX, there is significant work to do in user space. Before beginning a kernel programming project, a student should have a solid conceptual understanding of operating systems, substantial programming using standard libraries and system calls, study of the structure of Linux, and knowledge of latex, C, make, gdb, git, ... Latex is listed first because it is what we used to write documents; if you cannot describe precisely what you are building and why, it is too early to begin implementation.

At the process level we build 1) tools for the operating system and 2) modify or build applications using novel operating features. Projects include modification of applications to work with our protection model, analysis of protection properties of a system, security configuration management tools,