Operating Systems and Web Security: Fall 2012: Difference between revisions

Revision as of 06:25, 3 November 2012

Course Outline

The outline of the course can be found here.

Reading Responses

In general, reading responses should be turned in by 8 PM on Monday prior to the associated readings being discussed in class. Submitted reading responses should be no more than 1000 words in total for discussion of all the week's readings. (NOT 1000 words per reading!) Reading responses should be a discussion of what you got out of the readings and what questions you still have. I will attempt to read everyone's responses before class so I have an idea how to direct in-class discussion. In particular, I will be looking for topics on which to give more background.

Suggestion on how to do responses: Read all the papers first, then take a break, then write a response. Don't write after each reading. You don't even need to take notes unless that is how you read papers.

The first reading response is due on Monday, September 17th, 8 PM. Note that this response should also discuss how useful and enjoyable the unsupervised in-class discussion of the readings went.

Responses should be submitted via Carleton's new cuLearn.

Readings

Date	Topics	Readings	Notes
Sept. 6	Introduction		Introduction Notes
Sept. 11	Fundamentals (Groups)	Saltzer & Schroeder, The Protection of Information in Computer Systems (1975) (Link to PDF version)	Fundamentals Notes
Sept. 13	Criteria (Groups)	The DoD Orange Book (1985)	Criteria Notes
Sept. 18	Fundamentals (Discussion)
Sept. 20	Criteria (Discussion)
Sept. 25	Code Injection Attacks	Aleph One, Stack Smashing for Fun and Profit Buchanan et al., When good instructions go bad: generalizing return-oriented programming to RISC (proxy)	Code Injection Attacks Notes
Sept. 27	Code Injection Defenses	Bojinov et al., Address space randomization for mobile devices (proxy) Kc et al., Countering Code-Injection Attacks With Instruction-Set Randomization (proxy) OPTIONAL: Barrantes et al., Randomized instruction set emulation (proxy)	Code Injection Defenses Notes
Oct. 2	Cross-Site Scripting	CERT, Malicious HTML Tags Wikipedia, Cross-Site Scripting OWASP, Cross-Site Scripting (XSS) Gundy & Chen, Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks	Cross-Site Scripting Notes
Oct. 4	Web Mashups	Jackson & Wang, Subspace: secure cross-domain communication for web mashups Wang et al., Protection and communication abstractions for web browsers in MashupOS (proxy) (author)	Web Mashups Notes
Oct. 9	L4	Liedtke, Toward Real Microkernels (proxy) Klein et al., seL4: formal verification of an OS kernel (proxy)	L4 Notes
Oct. 11	Exokernels	Engler & Kaashoek, Exterminate all operating system abstractions (proxy) Engler et al., Exokernel: an operating system architecture for application-level resource management (proxy)	Exokernels Notes
Oct. 16	Midterm summary discussion Project discussion		Midterm Study Guide
Oct. 18	Midterm Exam (LaTeX) Proposals Due
Oct. 23	Old Code	Ozment & Schechter, Milk or Wine: Does Software Security Improve with Age?
Oct. 25	Old APIs	Bright, An in-depth look at WinRT
Oct. 30	Chrome	Reis et al., Browser Security: Lessons from Google Chrome
Nov. 1	iOS and Android Security	iOS Security, Android Security
Nov. 6		Felt et al., The Effectiveness of Application Permissions Lie & Litty, Using Hypervisors to Secure Commodity Operating Systems
Nov. 8		Belay et al., Dune: Safe User-level Access to Privileged CPU Features McCune et al., Flicker: An Execution Infrastructure for TCB Minimization
Nov. 13		De Groef et al., FlowFox: a Web Browser with Flexible and Precise Information Flow Control Wang et al., The Multi-Principal OS Construction of the Gazelle Web Browser
Nov. 15		Mickens & Dhawan, Atlantis: Robust, Extensible Execution Environments for Web Applications Chen et al., App Isolation: Get the Security of Multiple Browsers with Just One
Nov. 20		Chen et al., Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems Andrus et al., Cells: A Virtual Mobile Smartphone Architecture
Nov. 22		Akhawe, Saxena, & Song, Privilege Separation in HTML5 Applications Tang et al., CleanOS: Limiting Mobile Data Exposure with Idle Eviction
Nov. 27	Presentations 1
Nov. 29	Presentations 2
TBA	Final Exam

@@ Line 358: / Line 358: @@
        </td>
        <td>
-       <p>Felt et al., [https://www.eecs.berkeley.edu/~daw/papers/perms-webapps11.pdf The Effectiveness of Application Permissions],<br>
+       <p>Felt et al., [https://www.eecs.berkeley.edu/~daw/papers/perms-webapps11.pdf The Effectiveness of Application Permissions]<br>
           Lie & Litty, [http://sites.google.com/site/lionellitty/research/publications/STC10.pdf Using Hypervisors to Secure Commodity Operating Systems]
        </p>
@@ Line 377: / Line 377: @@
        </td>
        <td>
-       <p>Belay et al., [http://www.scs.stanford.edu/~dm/home/papers/belay:dune.pdf Dune: Safe User-level Access to Privileged CPU Features],<br>
+       <p>Belay et al., [http://www.scs.stanford.edu/~dm/home/papers/belay:dune.pdf Dune: Safe User-level Access to Privileged CPU Features]<br>
           McCune et al., [http://www.cs.purdue.edu/homes/bertino/426Fall2009/flicker.pdf Flicker: An Execution Infrastructure for TCB Minimization]
        </p>
@@ Line 396: / Line 396: @@
        </td>
        <td>
-       <p>De Groef et al., [https://lirias.kuleuven.be/bitstream/123456789/354589/2/fp015-degroef.pdf FlowFox: a Web Browser with Flexible and Precise Information Flow Control],<br>
+       <p>De Groef et al., [https://lirias.kuleuven.be/bitstream/123456789/354589/2/fp015-degroef.pdf FlowFox: a Web Browser with Flexible and Precise Information Flow Control]<br>
           Wang et al., [http://www.usenix.org/event/sec09/tech/full_papers/wang.pdf The Multi-Principal OS Construction of the Gazelle Web Browser]
        </p>
@@ Line 415: / Line 415: @@
        </td>
        <td>
-       <p>Mickens & Dhawan, [http://research.microsoft.com/pubs/154698/Atlantis-SOSP.pdf Atlantis: Robust, Extensible Execution Environments for Web Applications],<br>
+       <p>Mickens & Dhawan, [http://research.microsoft.com/pubs/154698/Atlantis-SOSP.pdf Atlantis: Robust, Extensible Execution Environments for Web Applications]<br>
           Chen et al., [http://www.collinjackson.com/research/papers/appisolation.pdf App Isolation: Get the Security of Multiple Browsers with Just One]
        </p>
@@ Line 435: / Line 435: @@
        <td>
        <p>Chen et al., Overshadow: A Virtualization-Based Approach to Retrofitting
-Protection in Commodity Operating Systems,<br>
+Protection in Commodity Operating Systems<br>
           Andrus et al., Cells: A Virtual Mobile Smartphone Architecture
        </p>
@@ Line 454: / Line 454: @@
        </td>
        <td>
-       <p>Akhawe, Saxena, & Song, Privilege Separation in HTML5 Applications,<br>
+       <p>Akhawe, Saxena, & Song, Privilege Separation in HTML5 Applications<br>
           Tang et al., CleanOS: Limiting Mobile Data Exposure with Idle Eviction
        </p>