Tentative Syllabus

These topics are tentative and subject to change without warning. If I don’t discuss something you’re interested in, ask about it! I may very well add it or modify what I’m covering to include it.

lec	date	topic	reading	due
1.	Apr 1	Introduction, overview of security	§1
2.	Apr 3	Access control matrix model	§2
3.	Apr 5	Safety question and the HRU result	§3.1, 3.2
4.	Apr 8	Take-Grant Protection Model, de jure rules	§3.3
5.	Apr 10	Take-Grant Protection Model, de facto rules	[Bis96]
6.	Apr 12	Schematic Protection Model	§3.4	homework #1
7.	Apr 15	Schematic Protection Model, Expressive power	§3.5	project selection
8.	Apr 17	Comparison of models, ESPM, TAM, MTAM	handout, [ZLN05]
9.	Apr 19	Security policies, mechanisms	§4
10.	Apr 22	Lattices, Bell-LaPadula model	§30, 5
11.	Apr 24	Bell-LaPadula model, System Z	handout, §5.3, 5.4
12.	Apr 26	Biba, Clark-Wilson Integrity Models	§6.2, 6.4	homework #2
13.	Apr 29	Chinese Wall, Other Hybrid Policy Models	§7.1, 7.2, [WB04]
14.	May 1	ORCON, RBAC Access Control Models	§7.3, 7.4
15.	May 3	PKIs, Deterministic Noninterference	§8.1, 8.2, [KR02]
16.	May 6	Generalized noninterference, policy composition	§8.3–8.4, [Man02]
17.	May 8	Nondeducibility, restrictiveness, composition	§8.5	progress report
18.	May 10	Identity, anonymity, probability	§14, 33	homework #3
19.	May 13	Entropy, information flow problems	§16.1, 16.2, [BDU07]
20.	May 15	Information flow	§16.3–16.5
21.	May 17	Confinement problem, isolation	§17.1, 17.2, 33
22.	May 20	Analyzing covert channels	§17.3, [SMB06]
23.	May 22	Assurance	§18, 19.1
24.	May 24	Assurance	§19.2	homework #4
—	May 27	no class; Memorial Day
25.	May 29	Evaluation standards	§21
26.	May 31	The insider problem	[BEP+08, BBSH+09]
27.	Jun 3	Attack models	[TL00]
28.	Jun 5	Application: electronic voting systems
—	Jun 6			homework #5
—	Jun 8	*Final examination period*		completed project

References

[BBSH+09]: Brian M. Bowen, Malek Ben Salem, Shlomo Hershkop, Angelos D. Keromytis, and Salvatore J. Stolfo. Designing host and network sensors to mitigate the insider threat. IEEE Security and Privacy, 7(6):22–29, November 2009.
[BDU07]: Michael Backes, Markus Dümuth, and Dominique Unruh. Information flow in the peer-reviewing process. In Proceedings of the 2007 IEEE Symposium on Security and Privacy, pages 187–191, May 2007.
[BEP+08]: Matt Bishop, Sophie Engle, Sean Peisert, Sean Whalen, and Carrie Gates. We have met the enemy and he is us. In Proceedings of the 2008 Workshop on New Security Paradigms, NSPW ’08, pages 1–12, New York, NY, USA, Sep. 2008. ACM.
[Bis96]: Matt Bishop. Conspiracy and information flow in the take-grant protection model. Journal of Computer Security, 4(4):331–359, 1996.
[KR02]: Calvin Ko and Timothy Redmond. Noninterference and intrusion detection. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 177–187, May 2002.
[Man02]: H. Mantel. On the composition of secure systems. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 88–101, May 2002.
[SMB06]: Gaurav Shah, Andreas Molina, and Matt Blaze. Keyboards and covert channels. In Proceedings of the 15th USENIX Security Symposium, page 5, Berkeley, CA, USA, 2006. USENIX Association.
[TL00]: Steven J. Templeton and Karl Levitt. A requires/provides model for computer attacks. In Proceedings of the 2000 New Security Paradigms Workshop, NSPW ’00, pages 31–38, New York, NY, USA, 2000. ACM.
[WB04]: Thomas Walcott and Matt Bishop. Traducement: A model for record security. ACM Transactions on Information System Security, 7(4):576–590, 2004.
[ZLN05]: Xinwen Zhang, Yingjiu Li, and Divya Nalla. An attribute-based access control matrix model. In Proceedings of the 2005 ACM Symposium on Applied Computing, SAC ’05, pages 359–363, New York, NY, USA, 2005. ACM.

You can also obtain a PDF version of this.

Version of March 28, 2013 at 10:37PM