Date | Topic | Assignments Due | Readings (read before class) | Slides
1/12/10 | No class | | |
1/14/10 | Introduction | | Smashing the Stack for Fun and Profit, Aleph One, Phrack 49, 1996; Smashing the Modern Stack for Fun and Profit, Craig J. Heffner, The Ethical Hacker, 2009 | lecture 1
1/19/10 | Protection | Proj. 1: Buffer Overflow, due M 2/1/10 5:00p | Operating Systems Security, Ch. 1; Chapter 2: Why Systems Are Not Secure, Morrie Gasser, in Building a Secure Computer System, 1988; The Risks Digest; SecurityFocus: Bugtraq | lecture 2
1/21/10 | Security Principles | | Operating Systems Security, Ch. 2; Computer Security Archives Project, Matt Bishop, UC Davis; Computer Security Technology Planning Study, J. P. Anderson, ESD-TR-73-51, ESD/AFSC, Hanscom AFB, Bedford, MA, Oct. 1972 [NTIS AD-758 206], Volume I; Reference Monitor Concept, Trent Jaeger, Encyclopedia of Cryptography and Security, 2010 | lecture 3
1/26/10 | Multics | | Operating Systems Security, Ch. 3; Introduction and Overview of the Multics System, F. J. Corbató and V. A. Vyssotsky, in Proceedings of the Fall Joint Computer Conference, 1965 | lecture 4
1/28/10 | Multics Challenges | | Multics Security Evaluation: Vulnerability Analysis, Paul A. Karger and Roger R. Schell, Tech. Report ESD-TR-74-193, Hanscom AFB, 1974; Final Report of the Multics Kernel Design Project, Part I, pp. 1-13, Michael Schroeder, David Clark, Jerome Saltzer, and D. Wells, Tech. Report MIT/LCS/TR-196, MIT, 1977 | lecture 5
2/2/10 | Ordinary Operating Systems | VMware and kernel install notes | Operating Systems Security, Ch. 4 | lecture 6
2/4/10 | Mandatory Access Control | | Operating Systems Security, Ch. 5 | lecture 7
2/9/10 | Mandatory Access Control | | Lattice-Based Access Control Models, Ravi S. Sandhu, IEEE Computer, 1993 | lecture 8
2/11/10 | Security Kernels | Proj. 2: Linux Security Module, due Th 2/25/10 11:59p | Operating Systems Security, Ch. 6; Scomp: A Solution to the Multilevel Security Problem, Lester J. Fraim, IEEE Computer, 1983 | lecture 9
2/16/10 | Security Kernels | | Fault Isolation for Device Drivers, Jorrit N. Herder, Herbert Bos, Ben Gras, Philip Homburg, and Andrew S. Tanenbaum, in Proceedings of the 39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'09), pp. 33-42, July 2009 | lecture 10
2/18/10 | Retrofit Commercial | | Operating Systems Security, Ch. 7 | lecture 11
2/23/10 | Trusted Solaris | | Operating Systems Security, Ch. 8 | lecture 12
2/25/10 | MAC OS Systems - Linux | | Linux Security Modules: General Security Support for the Linux Kernel, Chris Wright, Crispin Cowan, Stephen Smalley, James Morris, and Greg Kroah-Hartman, in Proceedings of the 11th USENIX Security Symposium, 2002 | lecture 13
3/2/10 | MAC OS Systems - SELinux | | Operating Systems Security, Ch. 9 | lecture 14; SELinux Policy; SELinux Design
3/4/10 | SELinux Policy and Analysis | Project 3 Program | Analyzing Integrity Protection in the SELinux Example Policy, Trent Jaeger, Xiaolan Zhang, and Reiner Sailer, in Proceedings of the 12th USENIX Security Symposium, 2003 | lecture 15
3/8/10-3/12/10 | No class - Spring Break | | |
3/16/10 | Capability Systems (in Room 222 IST) | Proj. 3: Attack Surface | Operating Systems Security, Ch. 10; A Secure Identity-Based Capability System, L. Gong, in Proceedings of the 1989 IEEE Symposium on Security and Privacy, May 1989 | lecture 16
3/18/10 | Virtual Machine Systems | | Operating Systems Security, Ch. 11 | lecture 17
3/23/10 | Virtual Machine Systems | | Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems, Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger (VMware), Dan Boneh (Stanford), Jeffrey Dwoskin (Princeton), and Dan R. K. Ports (MIT), in Proceedings of the 2008 Conference on Architectural Support for Programming Languages and Operating Systems, 2008; Splitting Interfaces: Making Trust Between Applications and Operating Systems Configurable, Richard Ta-Min, Lionel Litty, and David Lie, in Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2006), pp. 279-292, November 2006 | lecture 18
3/25/10 | Catch Up | Take Home Exam, due 3/30/10 | |
3/30/10 | Assurance | | Operating Systems Security, Ch. 12; seL4: Formal Verification of an OS Kernel, Gerwin Klein et al., in Proceedings of the 22nd ACM Symposium on Operating Systems Principles, October 2009 | lecture 19; seL4
4/1/10 | Practical Integrity | | Usable Mandatory Integrity Protection for Operating Systems, Ninghui Li, Ziqing Mao, and Hong Chen, in Proceedings of the 2007 IEEE Symposium on Security and Privacy, 2007; Toward Automated Information-Flow Integrity Verification for Security-Critical Applications, Umesh Shankar, Trent Jaeger, and Reiner Sailer, in Proceedings of the Symposium on Network and Distributed Systems Security, 2006 | UMIP; CW-Lite
4/6/10 | Application Security | | A Decentralized Model for Information Flow Control, Andrew Myers and Barbara Liskov, in Proceedings of the 16th ACM Symposium on Operating Systems Principles, 1997 | DLM
4/8/10 | Decentralized Info Flow | | Information Flow Control for Standard OS Abstractions, Maxwell Krohn et al., in Proceedings of the 21st ACM Symposium on Operating Systems Principles, 2007 | Flume
4/13/10 | Application Integrity | | Control-Flow Integrity, Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti, in Proceedings of the 12th ACM Conference on Computer and Communications Security, 2005; Securing Software by Enforcing Data-Flow Integrity, Miguel Castro, Manuel Costa, and Tim Harris, in Proceedings of the 7th Symposium on Operating Systems Design and Implementation, 2006 | CFI; DFI
4/15/10 | Storage Security | | Rootkit-Resistant Disks, Kevin R. B. Butler, Stephen McLaughlin, and Patrick D. McDaniel, in Proceedings of the 15th ACM Conference on Computer and Communications Security, 2008 | RRD
4/20/10 | Trustworthy Computing | | Outbound Authentication for Programmable Secure Coprocessors, Sean W. Smith, International Journal of Information Security, May 2004; Design and Implementation of a TCG-based Integrity Measurement Architecture, Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn, in Proceedings of the 13th USENIX Security Symposium, August 2004 | OA; IMA
4/22/10 | System-Wide Integrity | | Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications, Davide Balzarotti et al., in Proceedings of the 2008 IEEE Symposium on Security and Privacy, 2008 | Saner
4/27/10 | Web Systems Security | | Secure Web Browsing with the OP Web Browser, Chris Grier, Shuo Tang, and Samuel T. King (UIUC), in Proceedings of the 2008 IEEE Symposium on Security and Privacy, 2008 | OP
4/29/10 | Final Exam -- in class | | |