Computer Security Foundations

CoS 597B

Logistics

Instructor: David Walker

Time:  Monday, Wednesday 3:00 -- 4:20

Room:  computer science 401  <-- Note the change.

Description

      This advanced course focuses on the intersection of computer security, programming languages and automated analysis of software.  The course should appeal both to students interested in advanced programming language topics and to students interested in how such technology can be applied to computer systems.  Most of the material will be taken from the research literature.  Classes will be a mix of lectures and seminar-style discussions of state-of-the-art research.  Topics include the following

bullet

Design principles for secure systems:  economy of mechanism, complete mediation, security as process, minimization of trusted computing base, open design, etc.

bullet

Formal notions of security and security properties:  safety, liveness, secrecy, integrity, authenticity, etc.

bullet

Dynamic program monitoring:  security automata, design of security monitoring languages

bullet

Static program monitoring: type systems for enforcing security properties such as secrecy and integrity by tracking information flow; model checking for security properties

bullet

Logic, logic programming and security: logical specifications of security policies, distributed logic programming and security

bullet

Safe mobile code: Java security, class loaders, stack inspection, and type-safe virtual machines

     No textbook for the course is required. Instead, students will be expected to read and discuss papers from the literature.  A graduate-student level of mathematical maturity is required.  A previous course in programming language semantics (or theorem proving) will be helpful.

Schedule

A tentative schedule for the class can be found here.

 Grading

Grades for this course will depend upon:

bulletClass participation, assignments, presentations, pop quizzes:  50%
bulletFinal course project: 50%

Projects

    All students taking the course for a grade will complete a course project of substantial size.  Students must work consistently on the project (spending 10 hours/week on the course).  The final submission for the project will be a report due Jan 11 (Dean's Date).

    More project information is here.