| |
|
The course will focus on both the fundamentals and advanced topics in operating system security, and teach
the students the design issues, principles, mechanisms, and good engineering practice for design and implementation
of secure computer/OS systems. Lectures cover threat models, vulnerabilities, attacks compromise
security, and advanced OS-level techniques for achieving security. Topics include OS security concepts and principles,
seminal security in Multics, vulnerabilities in ordinary systems, secure capability systems, information
flow control, mandatory access control, security kernels, memory protection, file system, virtual machine systems,
hardware/architecture support (e.g., Intel SGX) for OS security, secure microkernel OSes (e.g., seL4, QNX,
Fuchsia), modern mobile operating systems (e.g., Android and iOS), and security from end-user perspective.
Assignments include labs exploring and implementing the technologies in the context of the Linux, Android,
seL4/QNX/Fuchsia systems (some involving kernel programming). One of this year’s theme is on
secure microkernel OSes (seL4, QNX, and Google Fuchsia). Through the
course, you will get a chance to learn and work with the latest developments around them.
Upon completing this course, the students are
expected to understand the principles and defensive mechanisms of operating systems security and
learn hands-on experience (kernel-level programming and system skills),
and to be prepared for active research at the
forefront of these areas.
Please keep an eye on this news box for the latest.
|
Spring 2020
|
|
1. Kick-off meeting held in Carver 0294.
2. More to be added.
|
Please check the lecture topics and schedule on Canvas.
Course Prerequisite
CPR E 308 OR COM S 352.
Familiarity with operating system concepts, and assume the knowledge of C programming.
The course will consist of two challenging programming projects (i.e.,
machine problems), two exams (mid-term and final exams), case study on seL4/QNX/Fuchsia, and one term
paper. We will have a small number of homework, demonstrations (on your
course projects), and presentations (on your term papers and code/design analysis of seL4/Fuchsia/QNX). Both
undergraduate and graduate students should finish the required programming
projects.
For short-survey term paper, a list of selected topics/problems
will be given. You can also propose your own one. Write a 6-pages
literature survey on a
specific topic based on the reading of at least 10 papers published within
the past 10 years. The paper format will be double column and single
space and should conform to the standard format for IEEE transactions. You
can use either Latex or WORD. More information please refer:
https://journals.ieeeauthorcenter.ieee.org/create-your-ieee-journal-article/authoring-tools-and-templates/ieee-article-templates/.
For each topic covered in the lecture, I will provide
you a suggested reading list including a number of selected classical
papers and some recent papers published on the top distributed systems
conferences/journals. Please see the suggested
reading list on Canvas.
Required Textbook:
Operating System Security (Synthesis Lectures on Information Security, Privacy, and Trust), by Trent Jaeger. ISBN: 9781598292121, 1598292129.
Link
Reference Books:
1. Modern Operating Systems, by Andrew S. Tanenbaum, 4th Edition, ISBN 9780133591620.
2. W. Richard Stevens, Advanced Programming in the UNIX Environment, First Edition, Addison-Wesley Pub Co., 1992, ISBN 0201563177.
3. Operating Systems: Principles and Practice, by Thomas Anderson and Michael Dahlin. ISBN 0985673524
4. Fundamentals of Secure Computer Systems, by Brett Tjaden. ISBN 188790266X
In addition, for each topic covered in the class, I
will select a number of papers (most were published in recent years). Please see the suggested
reading list on Canvas
Lecture slides will be available before class on
Canvas.
Grading will be on the absolute scale. The cutoff for an `A' will
be at most 90% of total score, 80% for a `B', 70% for a `C', and 60%
for a `D'. However, these cutoffs might be lowered at the end of the
semester to accommodate the actual distribution of grades.
Mid-term and optional Final Take-home Exam: 25% Course projects: 30% Presentations, demos, investigative analysis on seL4/QNX/Fuchsia: 25% Online quizzes: 5% Short surveys on selected OS security topics: 10% Attendance and participation in class discussions: 5%
Academic Policy:
- All incidents of academic dishonesty will be dealt with
according to the university policy. No exceptions.
All references must be properly cited, including
internet web pages (URL must be provided). If plagiarism is
detected, i.e. without proper citation and quotation, you will
automatically receive an F. When in doubt, please ask
the instructor if it is reasonable to include other's work in
your assignments.
- Due date for term papers and course projects is hard (no
late hand-in will be accepted.) except that you have reasonable
reason. However, for the whole semester, you can have at most
one time no-reason three-day extension.
- If you have a disability and require accommodations, please contact the
instructor early in the semester so that your learning needs may be
appropriately met. You will need to provide documentation of your
disability to the Disability Resources (DR) office, located on the main
floor of the Student Services Building, Room 1076, 515-294-7220
Dr. Yong Guan, Department of Electrical and Computer Engineering,
Iowa State University, Ames, IA 50011. Office: Durham 309. Email:
yguan@iastate.edu. Phone:
(515) 294-8378. Fax: (515) 294-8432.
Lecture: Tuesday & Thursday, 4:10-5:25pm, Carver 0294.
Office Hours: Tuesday, 11:00-11:59am, Durham 309. You are welcome to
drop by or email me to schedule a longer time to meet after class.
For further information, please contact
Yong Guan (yguan@iastate.edu) by email
or drop by office Durham 309.
|