Operating Systems and Web Security: Fall 2012: Difference between revisions
Created page with "Course info for OS & Web Security will be here soon!" |
|||
(58 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
Course | ==Course Outline== | ||
The outline of the course can be found [http://www.scs.carleton.ca/courses/course_outline.php?Term=Fall&Year=2012&Number=COMP%205900J here]. | |||
==Reading Responses== | |||
In general, reading responses should be turned in by 8 PM on Monday prior to the associated readings being discussed in class. Submitted reading responses should be no more than 1000 words in total for discussion of all the week's readings. (NOT 1000 words per reading!) Reading responses should be a discussion of what you got out of the readings and what questions you still have. I will attempt to read everyone's responses before class so I have an idea how to direct in-class discussion. In particular, I will be looking for topics on which to give more background. | |||
'''Suggestion on how to do responses:''' Read all the papers first, then take a break, then write a response. Don't write after each reading. You don't even need to take notes unless that is how you read papers. | |||
The first reading response is due on '''Monday, September 17th''', 8 PM. Note that this response should also discuss how useful and enjoyable the unsupervised in-class discussion of the readings went. | |||
'''Responses should be submitted via Carleton's new [https://www.carleton.ca/culearn/ cuLearn].''' | |||
==Readings== | |||
<table style="width: 100%;" border="1" cellpadding="4" cellspacing="0"> | |||
<tr valign="top"> | |||
<th> | |||
<p align="left">Date </p> | |||
</th> | |||
<th> | |||
<p align="left">Topics</p> | |||
</th> | |||
<th> | |||
<p align="left">Readings</p> | |||
</th> | |||
<th> | |||
<p align="left">Notes</p> | |||
</th> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Sept. 6 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Introduction | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Introduction|Introduction Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Sept. 11 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Fundamentals (Groups) | |||
</p> | |||
</td> | |||
<td> | |||
<p>Saltzer & Schroeder, [http://www.cs.virginia.edu/~evans/cs551/saltzer/ The Protection of Information in Computer Systems] (1975) | |||
([http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=1451869 Link to PDF version]) | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Fundamentals|Fundamentals Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Sept. 13 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Criteria (Groups) | |||
</p> | |||
</td> | |||
<td> | |||
<p>[http://seclab.cs.ucdavis.edu/projects/history/CD-1/dod85.pdf The DoD Orange Book] (1985) | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Criteria|Criteria Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Sept. 18 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Fundamentals (Discussion) | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Sept. 20 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Criteria (Discussion) | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Sept. 25 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Code Injection Attacks | |||
</p> | |||
</td> | |||
<td> | |||
<p>Aleph One, [http://insecure.org/stf/smashstack.html Stack Smashing for Fun and Profit]<br> | |||
Buchanan et al., [http://dx.doi.org/10.1145/1455770.1455776 When good instructions go bad: generalizing return-oriented programming to RISC] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?doid=1455770.1455776 (proxy)] | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Code Injection Attacks|Code Injection Attacks Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Sept. 27 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Code Injection Defenses | |||
</p> | |||
</td> | |||
<td> | |||
<p>Bojinov et al., [http://dx.doi.org/10.1145/1998412.1998434 Address space randomization for mobile devices] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?doid=1998412.1998434 (proxy)]<br> | |||
Kc et al., [http://dx.doi.org/10.1145/948109.948146 Countering Code-Injection Attacks With Instruction-Set Randomization] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?doid=948109.948146 (proxy)]<br> | |||
'''OPTIONAL:''' Barrantes et al., [http://dx.doi.org/10.1145/1053283.1053286 Randomized instruction set emulation] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?doid=1053283.1053286 (proxy)] | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Code Injection Defenses|Code Injection Defenses Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 2 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Cross-Site Scripting | |||
</p> | |||
</td> | |||
<td> | |||
<p>CERT, [http://www.cert.org/advisories/CA-2000-02.html Malicious HTML Tags]<br> | |||
Wikipedia, [http://en.wikipedia.org/wiki/Cross-site_scripting Cross-Site Scripting]<br> | |||
OWASP, [https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29 Cross-Site Scripting (XSS)]<br> | |||
Gundy & Chen, [https://www.isoc.org/isoc/conferences/ndss/09/pdf/03.pdf Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks] | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Cross-Site Scripting|Cross-Site Scripting Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 4 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Web Mashups | |||
</p> | |||
</td> | |||
<td> | |||
<p>Jackson & Wang, [http://www2007.org/papers/paper801.pdf Subspace: secure cross-domain communication for web mashups]<br> | |||
Wang et al., [http://dx.doi.org/10.1145/1294261.1294263 Protection and communication abstractions for web browsers in MashupOS] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?doid=1294261.1294263 (proxy)] [http://research.microsoft.com/~helenw/papers/sosp07MashupOS.pdf (author)] | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Web Mashups|Web Mashups Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 9 | |||
</p> | |||
</td> | |||
<td> | |||
<p>L4 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Liedtke, [http://dx.doi.org/10.1145/234215.234473 Toward Real Microkernels] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?id=234473 (proxy)]<br> | |||
Klein et al., [http://dx.doi.org/10.1145/1629575.1629596 seL4: formal verification of an OS kernel] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?id=1629596 (proxy)] | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: L4|L4 Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 11 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Exokernels | |||
</p> | |||
</td> | |||
<td> | |||
<p> Engler & Kaashoek, [http://dx.doi.org/10.1109/HOTOS.1995.513459 Exterminate all operating system abstractions] [http://ieeexplore.ieee.org.proxy.library.carleton.ca/xpl/articleDetails.jsp?reload=true&arnumber=513459 (proxy)]<br> | |||
Engler et al., [http://dx.doi.org/10.1145/224056.224076 Exokernel: an operating system architecture for application-level resource management] [http://dl.acm.org.proxy.library.carleton.ca/citation.cfm?id=224076 (proxy)] | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Exokernels|Exokernels Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 16 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Midterm summary discussion<br> | |||
Project discussion | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Midterm Study Guide|Midterm Study Guide]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 18 | |||
</p> | |||
</td> | |||
<td> | |||
<p>'''[https://homeostasis.scs.carleton.ca/~soma/oswebsec/oswebsec-midterm-f2012.pdf Midterm Exam]''' ([https://homeostasis.scs.carleton.ca/~soma/oswebsec/oswebsec-midterm-f2012.tex LaTeX])<br>'''Proposals Due''' | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 23 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Old Code | |||
</p> | |||
</td> | |||
<td> | |||
<p>Ozment & Schechter, [http://static.usenix.org/event/sec06/tech/ozment.html Milk or Wine: Does Software Security Improve with Age?] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 25 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Old APIs | |||
</p> | |||
</td> | |||
<td> | |||
<p>Bright, [http://arstechnica.com/features/2012/10/windows-8-and-winrt-everything-old-is-new-again/ An in-depth look at WinRT] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Oct. 30 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Chrome | |||
</p> | |||
</td> | |||
<td> | |||
<p>Reis et al., [http://queue.acm.org/detail.cfm?id=1556050 Browser Security: Lessons from Google Chrome] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 1 | |||
</p> | |||
</td> | |||
<td> | |||
<p>iOS and Android Security | |||
</p> | |||
</td> | |||
<td> | |||
<p>[http://homeostasis.scs.carleton.ca/~soma/oswebsec/iOS_Security_May12.pdf iOS Security], [http://source.android.com/tech/security/ Android Security] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 6 | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p>Felt et al., [https://www.eecs.berkeley.edu/~daw/papers/perms-webapps11.pdf The Effectiveness of Application Permissions]<br> | |||
Lie & Litty, [http://sites.google.com/site/lionellitty/research/publications/STC10.pdf Using Hypervisors to Secure Commodity Operating Systems] | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: App Perms & Hyperviz|App Perms Hyperviz]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 8 | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p>Belay et al., [http://www.scs.stanford.edu/~dm/home/papers/belay:dune.pdf Dune: Safe User-level Access to Privileged CPU Features]<br> | |||
McCune et al., [http://www.cs.purdue.edu/homes/bertino/426Fall2009/flicker.pdf Flicker: An Execution Infrastructure for TCB Minimization] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 13 | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p>De Groef et al., [https://lirias.kuleuven.be/bitstream/123456789/354589/2/fp015-degroef.pdf FlowFox: a Web Browser with Flexible and Precise Information Flow Control]<br> | |||
Wang et al., [http://www.usenix.org/event/sec09/tech/full_papers/wang.pdf The Multi-Principal OS Construction of the Gazelle Web Browser] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 15 | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p>Mickens & Dhawan, [http://research.microsoft.com/pubs/154698/Atlantis-SOSP.pdf Atlantis: Robust, Extensible Execution Environments for Web Applications]<br> | |||
Chen et al., [http://www.collinjackson.com/research/papers/appisolation.pdf App Isolation: Get the Security of Multiple Browsers with Just One] | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Browser Implementations|Browser Imp Notes]] | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 20 | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p>Chen et al., [http://www.cs.purdue.edu/homes/bertino/426Fall2009/overshadow.pdf Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems]<br> | |||
Andrus et al., [http://web4.cs.columbia.edu/~nieh/pubs/sosp2011_cells.pdf Cells: A Virtual Mobile Smartphone Architecture] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 22 | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p>Akhawe, Saxena, & Song, [https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final168.pdf Privilege Separation in HTML5 Applications]<br> | |||
Tang et al., [http://www.cs.columbia.edu/~roxana/research/projects/cleanos/osdi2012cleanos.pdf CleanOS: Limiting Mobile Data Exposure with Idle Eviction] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 27 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Presentations 1 | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Nov. 29 | |||
</p> | |||
</td> | |||
<td> | |||
<p>Presentations 2 | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Dec. 4, 10 AM | |||
</p> | |||
</td> | |||
<td> | |||
<p>[[OSWebSec: Final Exam Study Guide|Final Exam Study Session]] | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
<tr> | |||
<td> | |||
<p>Dec. 6, 9 AM<br>SA 404 | |||
</p> | |||
</td> | |||
<td> | |||
<p>'''Final Exam''' | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
<td> | |||
<p> | |||
</p> | |||
</td> | |||
</tr> | |||
</table> |
Latest revision as of 16:43, 12 March 2013
Course Outline
The outline of the course can be found here.
Reading Responses
In general, reading responses should be turned in by 8 PM on Monday prior to the associated readings being discussed in class. Submitted reading responses should be no more than 1000 words in total for discussion of all the week's readings. (NOT 1000 words per reading!) Reading responses should be a discussion of what you got out of the readings and what questions you still have. I will attempt to read everyone's responses before class so I have an idea how to direct in-class discussion. In particular, I will be looking for topics on which to give more background.
Suggestion on how to do responses: Read all the papers first, then take a break, then write a response. Don't write after each reading. You don't even need to take notes unless that is how you read papers.
The first reading response is due on Monday, September 17th, 8 PM. Note that this response should also discuss how useful and enjoyable the unsupervised in-class discussion of the readings went.
Responses should be submitted via Carleton's new cuLearn.