Operating Systems and Web Security: Fall 2012: Difference between revisions

From Soma-notes
← Older edit
 
(36 intermediate revisions by 2 users not shown)
Line 18: Line 18:
   <tr valign="top">
   <tr valign="top">
     <th>
     <th>
     <p align="left">Date</p>
     <p align="left">Date   </p>
     </th>
     </th>
     <th>
     <th>
Line 167: Line 167:
       </td>
       </td>
       <td>
       <td>
       <p>XSS 1
       <p>Cross-Site Scripting
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>CERT, [http://www.cert.org/advisories/CA-2000-02.html Malicious HTML Tags]<br>
        Wikipedia, [http://en.wikipedia.org/wiki/Cross-site_scripting Cross-Site Scripting]<br>
        OWASP, [https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29 Cross-Site Scripting (XSS)]<br>
        Gundy &amp; Chen, [https://www.isoc.org/isoc/conferences/ndss/09/pdf/03.pdf Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks]
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>[[OSWebSec: Cross-Site Scripting|Cross-Site Scripting Notes]]
       </p>
       </p>
       </td>
       </td>
Line 185: Line 188:
       </td>
       </td>
       <td>
       <td>
       <p>XSS 2
       <p>Web Mashups
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Jackson &amp; Wang, [http://www2007.org/papers/paper801.pdf Subspace: secure cross-domain communication for web mashups]<br>
        Wang et al., [http://dx.doi.org/10.1145/1294261.1294263 Protection and communication abstractions for web browsers in MashupOS] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?doid=1294261.1294263 (proxy)] [http://research.microsoft.com/~helenw/papers/sosp07MashupOS.pdf (author)]
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>[[OSWebSec: Web Mashups|Web Mashups Notes]]
       </p>
       </p>
       </td>
       </td>
Line 203: Line 207:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>L4
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Liedtke, [http://dx.doi.org/10.1145/234215.234473 Toward Real Microkernels] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?id=234473 (proxy)]<br>
        Klein et al., [http://dx.doi.org/10.1145/1629575.1629596 seL4: formal verification of an OS kernel] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?id=1629596 (proxy)]
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>[[OSWebSec: L4|L4 Notes]]
       </p>
       </p>
       </td>
       </td>
Line 221: Line 226:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Exokernels
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p> Engler &amp; Kaashoek, [http://dx.doi.org/10.1109/HOTOS.1995.513459 Exterminate all operating system abstractions] [http://ieeexplore.ieee.org.proxy.library.carleton.ca/xpl/articleDetails.jsp?reload=true&arnumber=513459 (proxy)]<br>
          Engler et al., [http://dx.doi.org/10.1145/224056.224076 Exokernel: an operating system architecture for application-level resource management] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?id=224076 (proxy)]
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>[[OSWebSec: Exokernels|Exokernels Notes]]
       </p>
       </p>
       </td>
       </td>
Line 239: Line 245:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Midterm summary discussion<br>
        Project discussion
       </p>
       </p>
       </td>
       </td>
Line 247: Line 254:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>[[OSWebSec: Midterm Study Guide|Midterm Study Guide]]
       </p>
       </p>
       </td>
       </td>
Line 257: Line 264:
       </td>
       </td>
       <td>
       <td>
       <p>'''Midterm Exam'''<br>'''Proposals Due'''
       <p>'''[https://homeostasis.scs.carleton.ca/~soma/oswebsec/oswebsec-midterm-f2012.pdf Midterm Exam]''' ([https://homeostasis.scs.carleton.ca/~soma/oswebsec/oswebsec-midterm-f2012.tex LaTeX])<br>'''Proposals Due'''
       </p>
       </p>
       </td>
       </td>
Line 275: Line 282:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Old Code
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Ozment & Schechter, [http://static.usenix.org/event/sec06/tech/ozment.html Milk or Wine: Does Software Security Improve with Age?]
       </p>
       </p>
       </td>
       </td>
Line 293: Line 300:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Old APIs
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Bright, [http://arstechnica.com/features/2012/10/windows-8-and-winrt-everything-old-is-new-again/ An in-depth look at WinRT]
       </p>
       </p>
       </td>
       </td>
Line 311: Line 318:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Chrome
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Reis et al., [http://queue.acm.org/detail.cfm?id=1556050 Browser Security: Lessons from Google Chrome]
       </p>
       </p>
       </td>
       </td>
Line 329: Line 336:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>iOS and Android Security
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>[http://homeostasis.scs.carleton.ca/~soma/oswebsec/iOS_Security_May12.pdf iOS Security], [http://source.android.com/tech/security/ Android Security]
       </p>
       </p>
       </td>
       </td>
Line 351: Line 358:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Felt et al., [https://www.eecs.berkeley.edu/~daw/papers/perms-webapps11.pdf The Effectiveness of Application Permissions]<br>
        Lie & Litty, [http://sites.google.com/site/lionellitty/research/publications/STC10.pdf Using Hypervisors to Secure Commodity Operating Systems]
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>[[OSWebSec: App Perms & Hyperviz|App Perms Hyperviz]]
       </p>
       </p>
       </td>
       </td>
Line 369: Line 377:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Belay et al., [http://www.scs.stanford.edu/~dm/home/papers/belay:dune.pdf Dune: Safe User-level Access to Privileged CPU Features]<br>
        McCune et al., [http://www.cs.purdue.edu/homes/bertino/426Fall2009/flicker.pdf Flicker: An Execution Infrastructure for TCB Minimization]
       </p>
       </p>
       </td>
       </td>
Line 387: Line 396:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>De Groef et al., [https://lirias.kuleuven.be/bitstream/123456789/354589/2/fp015-degroef.pdf FlowFox: a Web Browser with Flexible and Precise Information Flow Control]<br>
        Wang et al., [http://www.usenix.org/event/sec09/tech/full_papers/wang.pdf The Multi-Principal OS Construction of the Gazelle Web Browser]
       </p>
       </p>
       </td>
       </td>
Line 405: Line 415:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Mickens & Dhawan, [http://research.microsoft.com/pubs/154698/Atlantis-SOSP.pdf Atlantis: Robust, Extensible Execution Environments for Web Applications]<br>
        Chen et al., [http://www.collinjackson.com/research/papers/appisolation.pdf App Isolation: Get the Security of Multiple Browsers with Just One]
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>[[OSWebSec: Browser Implementations|Browser Imp Notes]]
       </p>
       </p>
       </td>
       </td>
Line 423: Line 434:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Chen et al., [http://www.cs.purdue.edu/homes/bertino/426Fall2009/overshadow.pdf Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems]<br>
        Andrus et al., [http://web4.cs.columbia.edu/~nieh/pubs/sosp2011_cells.pdf Cells: A Virtual Mobile Smartphone Architecture]
       </p>
       </p>
       </td>
       </td>
Line 441: Line 453:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Akhawe, Saxena, & Song, [https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final168.pdf Privilege Separation in HTML5 Applications]<br>
        Tang et al., [http://www.cs.columbia.edu/~roxana/research/projects/cleanos/osdi2012cleanos.pdf CleanOS: Limiting Mobile Data Exposure with Idle Eviction]
       </p>
       </p>
       </td>
       </td>
Line 455: Line 468:
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>Presentations 1
       </p>
       </p>
       </td>
       </td>
Line 470: Line 483:
       <td>
       <td>
       <p>Nov. 29
       <p>Nov. 29
      </p>
      </td>
      <td>
      <p>Presentations 2
      </p>
      </td>
      <td>
      <p>
       </p>
       </p>
       </td>
       </td>
       <td>
       <td>
       <p>
       <p>
      </p>
      </td>
    </tr>
<tr>
      <td>
      <p>Dec. 4, 10 AM
      </p>
      </td>
      <td>
      <p>[[OSWebSec: Final Exam Study Guide|Final Exam Study Session]]
       </p>
       </p>
       </td>
       </td>
Line 487: Line 518:
<tr>
<tr>
       <td>
       <td>
       <p>TBA
       <p>Dec. 6, 9 AM<br>SA 404
       </p>
       </p>
       </td>
       </td>

Latest revision as of 16:43, 12 March 2013

Course Outline

The outline of the course can be found here.

Reading Responses

In general, reading responses should be turned in by 8 PM on Monday prior to the associated readings being discussed in class. Submitted reading responses should be no more than 1000 words in total for discussion of all the week's readings. (NOT 1000 words per reading!) Reading responses should be a discussion of what you got out of the readings and what questions you still have. I will attempt to read everyone's responses before class so I have an idea how to direct in-class discussion. In particular, I will be looking for topics on which to give more background.

Suggestion on how to do responses: Read all the papers first, then take a break, then write a response. Don't write after each reading. You don't even need to take notes unless that is how you read papers.

The first reading response is due on Monday, September 17th, 8 PM. Note that this response should also discuss how useful and enjoyable the unsupervised in-class discussion of the readings went.

Responses should be submitted via Carleton's new cuLearn.

Readings

Date

Topics

Readings

Notes

Sept. 6

Introduction

Introduction Notes

Sept. 11

Fundamentals (Groups)

Saltzer & Schroeder, The Protection of Information in Computer Systems (1975) (Link to PDF version)

Fundamentals Notes

Sept. 13

Criteria (Groups)

The DoD Orange Book (1985)

Criteria Notes

Sept. 18

Fundamentals (Discussion)

Sept. 20

Criteria (Discussion)

Sept. 25

Code Injection Attacks

Aleph One, Stack Smashing for Fun and Profit
Buchanan et al., When good instructions go bad: generalizing return-oriented programming to RISC (proxy)

Code Injection Attacks Notes

Sept. 27

Code Injection Defenses

Bojinov et al., Address space randomization for mobile devices (proxy)
Kc et al., Countering Code-Injection Attacks With Instruction-Set Randomization (proxy)
OPTIONAL: Barrantes et al., Randomized instruction set emulation (proxy)

Code Injection Defenses Notes

Oct. 2

Cross-Site Scripting

CERT, Malicious HTML Tags
Wikipedia, Cross-Site Scripting
OWASP, Cross-Site Scripting (XSS)
Gundy & Chen, Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks

Cross-Site Scripting Notes

Oct. 4

Web Mashups

Jackson & Wang, Subspace: secure cross-domain communication for web mashups
Wang et al., Protection and communication abstractions for web browsers in MashupOS (proxy) (author)

Web Mashups Notes

Oct. 9

L4

Liedtke, Toward Real Microkernels (proxy)
Klein et al., seL4: formal verification of an OS kernel (proxy)

L4 Notes

Oct. 11

Exokernels

Engler & Kaashoek, Exterminate all operating system abstractions (proxy)
Engler et al., Exokernel: an operating system architecture for application-level resource management (proxy)

Exokernels Notes

Oct. 16

Midterm summary discussion
Project discussion

Midterm Study Guide

Oct. 18

Midterm Exam (LaTeX)
Proposals Due

Oct. 23

Old Code

Ozment & Schechter, Milk or Wine: Does Software Security Improve with Age?

Oct. 25

Old APIs

Bright, An in-depth look at WinRT

Oct. 30

Chrome

Reis et al., Browser Security: Lessons from Google Chrome

Nov. 1

iOS and Android Security

iOS Security, Android Security

Nov. 6

Felt et al., The Effectiveness of Application Permissions
Lie & Litty, Using Hypervisors to Secure Commodity Operating Systems

App Perms Hyperviz

Nov. 8

Belay et al., Dune: Safe User-level Access to Privileged CPU Features
McCune et al., Flicker: An Execution Infrastructure for TCB Minimization

Nov. 13

De Groef et al., FlowFox: a Web Browser with Flexible and Precise Information Flow Control
Wang et al., The Multi-Principal OS Construction of the Gazelle Web Browser

Nov. 15

Mickens & Dhawan, Atlantis: Robust, Extensible Execution Environments for Web Applications
Chen et al., App Isolation: Get the Security of Multiple Browsers with Just One

Browser Imp Notes

Nov. 20

Chen et al., Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems
Andrus et al., Cells: A Virtual Mobile Smartphone Architecture

Nov. 22

Akhawe, Saxena, & Song, Privilege Separation in HTML5 Applications
Tang et al., CleanOS: Limiting Mobile Data Exposure with Idle Eviction

Nov. 27

Presentations 1

Nov. 29

Presentations 2

Dec. 4, 10 AM

Final Exam Study Session

Dec. 6, 9 AM
SA 404

Final Exam

Retrieved from "https://homeostasis.scs.carleton.ca/wiki/index.php?title=Operating_Systems_and_Web_Security:_Fall_2012&oldid=17847"