Course Outline
The outline of the course can be found here.
Reading Responses
In general, reading responses are due by 8 PM on the Monday before the associated readings are discussed in class. A submitted reading response should be no more than 1000 words in total, covering all of the week's readings (NOT 1000 words per reading!). A reading response should discuss what you got out of the readings and what questions you still have. I will attempt to read everyone's responses before class so that I have an idea of how to direct the in-class discussion; in particular, I will be looking for topics on which to give more background.
Suggestion on how to do responses: Read all the papers first, then take a break, then write a response. Don't write after each reading. You don't even need to take notes unless that is how you read papers.
The first reading response is due on Monday, September 17th, at 8 PM. Note that this response should also discuss how useful and enjoyable you found the unsupervised in-class discussion of the readings.
Responses should be submitted via Carleton's new cuLearn.
Readings
Date | Topics | Readings | Notes
--- | --- | --- | ---
Sept. 6 | Introduction | | Introduction Notes
Sept. 11 | Fundamentals (Groups) | Saltzer & Schroeder, The Protection of Information in Computer Systems (1975) (link to PDF version) | Fundamentals Notes
Sept. 13 | Criteria (Groups) | The DoD Orange Book (1985) | Criteria Notes
Sept. 18 | Fundamentals (Discussion) | |
Sept. 20 | Criteria (Discussion) | |
Sept. 25 | Code Injection Attacks | Aleph One, Smashing the Stack for Fun and Profit; Buchanan et al., When Good Instructions Go Bad: Generalizing Return-Oriented Programming to RISC (proxy) | Code Injection Attacks Notes
Sept. 27 | Code Injection Defenses | Bojinov et al., Address Space Randomization for Mobile Devices (proxy); Kc et al., Countering Code-Injection Attacks With Instruction-Set Randomization (proxy); OPTIONAL: Barrantes et al., Randomized Instruction Set Emulation (proxy) | Code Injection Defenses Notes
Oct. 2 | Cross-Site Scripting | CERT, Malicious HTML Tags; Wikipedia, Cross-Site Scripting; OWASP, Cross-Site Scripting (XSS); Van Gundy & Chen, Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks | Cross-Site Scripting Notes
Oct. 4 | Web Mashups | Jackson & Wang, Subspace: Secure Cross-Domain Communication for Web Mashups; Wang et al., Protection and Communication Abstractions for Web Browsers in MashupOS (proxy, author) | Web Mashups Notes
Oct. 9 | L4 | Liedtke, Toward Real Microkernels (proxy); Klein et al., seL4: Formal Verification of an OS Kernel (proxy) | L4 Notes
Oct. 11 | Exokernels | Engler & Kaashoek, Exterminate All Operating System Abstractions (proxy); Engler et al., Exokernel: An Operating System Architecture for Application-Level Resource Management (proxy) | Exokernels Notes
Oct. 16 | Midterm summary discussion; Project discussion | | Midterm Study Guide
Oct. 18 | Midterm Exam (LaTeX); Proposals Due | |
Oct. 23 | Old Code | Ozment & Schechter, Milk or Wine: Does Software Security Improve with Age? |
Oct. 25 | Old APIs | Bright, An In-Depth Look at WinRT |
Oct. 30 | Chrome | Reis et al., Browser Security: Lessons from Google Chrome |
Nov. 1 | iOS and Android Security | iOS Security; Android Security |
Nov. 6 | | Felt et al., The Effectiveness of Application Permissions; Lie & Litty, Using Hypervisors to Secure Commodity Operating Systems | App Perms Hyperviz
Nov. 8 | | Belay et al., Dune: Safe User-Level Access to Privileged CPU Features; McCune et al., Flicker: An Execution Infrastructure for TCB Minimization |
Nov. 13 | | De Groef et al., FlowFox: A Web Browser with Flexible and Precise Information Flow Control; Wang et al., The Multi-Principal OS Construction of the Gazelle Web Browser |
Nov. 15 | | Mickens & Dhawan, Atlantis: Robust, Extensible Execution Environments for Web Applications; Chen et al., App Isolation: Get the Security of Multiple Browsers with Just One | Browser Imp Notes
Nov. 20 | | Chen et al., Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems; Andrus et al., Cells: A Virtual Mobile Smartphone Architecture |
Nov. 22 | | Akhawe, Saxena, & Song, Privilege Separation in HTML5 Applications; Tang et al., CleanOS: Limiting Mobile Data Exposure with Idle Eviction |
Nov. 27 | Presentations 1 | |
Nov. 29 | Presentations 2 | |
Dec. 4, 10 AM | Final Exam Study Session | |
Dec. 6, 9 AM, SA 404 | Final Exam | |