Instructor: David Walker
Time: Monday, Wednesday 3:00 -- 4:20
Room: computer science 401 <-- Note the change.
This advanced course focuses on the intersection of computer security, programming languages and automated analysis of software. The course should appeal both to students interested in advanced programming language topics and to students interested in how such technology can be applied to computer systems. Most of the material will be taken from the research literature. Classes will be a mix of lectures and seminar-style discussions of state-of-the-art research. Topics include the following
Design principles for secure systems: economy of mechanism, complete mediation, security as process, minimization of trusted computing base, open design, etc. | |
Formal notions of security and security properties: safety, liveness, secrecy, integrity, authenticity, etc. | |
Dynamic program monitoring: security automata, design of security monitoring languages | |
Static program monitoring: type systems for enforcing security properties such as secrecy and integrity by tracking information flow; model checking for security properties | |
Logic, logic programming and security: logical specifications of security policies, distributed logic programming and security | |
Safe mobile code: Java security, class loaders, stack inspection, and type-safe virtual machines |
No textbook for the course is required. Instead, students will be expected to read and discuss papers from the literature. A graduate-student level of mathematical maturity is required. A previous course in programming language semantics (or theorem proving) will be helpful.
A tentative schedule for the class can be found here.
Grades for this course will depend upon:
Class participation, assignments, presentations, pop quizzes: 50% | |
Final course project: 50% |
All students taking the course for a grade will complete a course project of substantial size. Students must work consistently on the project (spending 10 hours/week on the course). The final submission for the project will be a report due Jan 11 (Dean's Date).
More project information is here.