Principles of Computer Security (Winter 2013)

The course overview page is located at: http://pages.cpsc.ucalgary.ca/~locasto/teaching/2013/CPSC525/

The university calendar entry for CPSC525 describes the course as: Security policies and protection mechanisms for a computing system, including such topics as design principles of protection systems, authentication and authorization, reference monitors, security architecture of popular platforms, formal modeling of protection systems, discretionary access control, safety analysis, information flow control, integrity, role-based access control. Legal and ethical considerations will be introduced.

How This Class is Taught

This is mainly a lecture-style course with some hands-on projects and assignments. It also includes an occasional tutorial component to provide some background technical skills.

This course is largely a guided reading course that aims at helping the student achieve the security mindset and the terminology and vocabulary of the information security field to go on to further study in specific areas: systems security, network security, applied cryptography, HCI security and usability, etc.

Security is a cross-cutting concern; its problems and challenges crop up in many different areas of computer science, and effective security solutions often involve elements that cross layers of abstraction and areas of expertise. This course can be thought of as an archeological exploration of the brief history of the computer security field's principal ideas. We will try to see why the major themes and concepts arose, how approaches were wrought and how they persist into modern computer systems.

This class is driven by asking simple questions that have complex answers. Security has often emerged as a bolt-on afterthought subject to many different types of pressure. Risk assessment involves trying to answer simple value questions. Our aim is to try to understand this landscape by following our natural curiosity -- allowing this kind of inquisitive skill to flourish is a key element of developing a security mindset. This course relies on underlying principles for thinking about how systems can be made to fail, and its central aim is to help students understand the following abstract concepts:

• cross-layer interactions -- root of trust; hardware supporting software security
• composition and trust -- how these concepts affect system assurance
• execution analysis -- how to analyze programs by reversing or removing abstraction, encapsulation, and other system organization principles
• flaws as programming models -- understanding vulnerabilities and exploits as de facto primitives of an unintended programming environment
• countermeasure efficacy -- understanding the context and relative merits of protection measures

Syllabus Topics

• protection mechanisms
• design principles of protection mechanisms
• security policies and security models
• formal models of protection systems
• integrity models
• information flow control models
• MAC/MLS, DAC
• authentication
• authorization
• RBAC
• reference monitors
• example security architectures
• legal and ethical considerations
• security mindset
• LangSec
• security professionals
• security evaluation

Announcments, Policies, and Metadata

Textbook: The Craft of System Security by Smith and Marchesini

Undergraduate Assignments:

1. Bug Project: 400 points
2. HW1: 250 points
3. HW2: 250 points
4. Midterm: 100 points

Graduate Assignments:

1. Project Proposal: 200 points
2. Project Deliverable: 500 points
3. Project Article: 200 points
4. Midterm: 100 points

Midterm Exam: open book plus 1 sheet of notes

No final exam.

See the course outline for grade map.

Assignments

This section enumerates the project and homework assignments.

Undergraduate

• Courses/Computer Science/CPSC 525.W2013/Bug Project
  • First bug report due on or before 31 March (extended from 20 March, 17 March)
  • Second bug report due on or before 8 April

• HW1 due 6 February
• HW2 due 15 March (extended from 10 March, 6 March)

midterm grade distribution:

 1
 2
 3
 4
 5 
 6 67
 7 0356778899
 8 12235566777899
 9 000001222355555556889
10 0

Graduate

• Project Proposal due 23 January (done)
• Project Deliverable due 1 April
• Project Article due 16 April

Courses/Computer Science/CPSC 625 Suggested Projects

Lecture Schedule

Please see the University Academic Calendar for important add/drop dates, holidays, etc.

Courses/Computer_Science/CPSC_525.W2013/Lecture Notes

This section contains the class session notes.

Tutorial Schedule

Tutorial Schedule

Links & Miscellaneous Resources

Langsec Links

• http://www.darkreading.com/vulnerability/taming-bad-inputs-means-taking-aim-at-we/240152171
• http://programmingisterrible.com/post/42215715657/postels-principle-is-a-bad-idea
• Programming with Nothing: http://experthuman.com/programming-with-nothing
• Learning to classify vulns: http://dl.acm.org/citation.cfm?doid=1835804.1835821
• PHY layer hacking: http://2012.hackitoergosum.org/blog/schedule/talks#Strangeand
• Catastrophic backtracking in regular expressions http://t.co/KWVDhLyI
• From Buffer Overflows to Weird Machines
• Cyberpatterns
• The Halting Problems of Network Stack Insecurity
• Security Applications of Formal Language Theory
• Packets in Packets (Goodspeed)
• Vulnerable Compliance (Geer)
• IDS Evasion Attacks (Ptacek and Newsham)
• Traffic Normalization (Handley)
• Crandall CCS 2005
• http://www.isg.rhul.ac.uk/tls/
• travis goodspeed: "Remotely Exploiting the PHY Layer"
  • http://travisgoodspeed.blogspot.ca/2011/09/remotely-exploiting-phy-layer.html
  • WOOT 2011 paper: http://www.usenix.org/events/woot11/tech/final_files/Goodspeed.pdf
• https://www.usenix.org/conference/woot11/packets-packets-orson-welles-band-signaling-attacks-modern-radios
  • http://www.phrack.org/issues.html?issue=68&id=4&mode=txt (see 0x06, "How I misunderstood digital radio; or, "Weird machines" are in radio, too!" by M.Laphroaig pastor@phrack )

Misc:

• http://www.microsoft.com/typography/otspec/featuretags.htm
• evading AV: http://blog.endpoint.com/2013/01/evading-anti-virus-metasploit.html
• http://programmingisterrible.com/post/42432568185/how-to-parse-ruby
• packet of death: http://appliance.cloudshark.org/news/cloudshark-in-the-wild/intel-packet-of-death-capture/
• blocking content based on executable env: http://arstechnica.com/security/2013/01/firefox-to-block-content-based-on-java-reader-and-silverlight/
• recognize a dialup? i.imgur.com/Q3lKIr1.jpg
• http://www.johndcook.com/blog/2013/02/21/can-regular-expressions-parse-html-or-not/
• "evil" code: http://erratasec.blogspot.ca/2013/03/the-debate-over-evil-code.html

Focus Questions

This is a list of questions meant to focus our studies on the main themes of information security.

How do you protect things?

• protection
  • access control
  • authentication
  • authorization
• isolation
  • virtualization
  • namespace rewriting
  • containers
  • reference monitors

Why do vulnerabilities exist?

• langsec
• complexity
• composition

What do traditional security models mean?

• translation
• primitives
• e-prime as a lens

What is a security mindset?

• see associated readings

What is assurance?

• B. Snow

What are realistic incentives for keeping things secure?

• usability
• economics

Things We (Probably) Won't Cover

• intrusion detection
• reverse engineering
• malware creation
• network security
• advanced or theoretical access control
• mathematics of cryptography
• many applied cryptography problems
• privacy
• information-theoretic security
• secure multiparty computation