CS745 Autumn 2015

CS 745: Principles of Data and System Security

Autumn 2015

Lectures: Slot 9 (Mon, Thu. 03:30 pm - 05:00 pm). SIC 301.

Instructor: R K Shyamasundar (email : shyamasundar@gmail.com, rkss@cse.iitb.ac.in)

Instructor Office Hours: By appointment (please send email to fix up a time).

TAs: Gaurav Kumar ( gauravkr@cse.iitb.ac.in, 8879045698, Lab SIC313 ), Priyanka T ( priankat@cse.iitb.ac.in, 7387276460 )

Course Contents:

Access Control: Mandatory Access Control, Discrete Access Control, Principles of Least Privilege, Distributed Access Control , Role based Access, Attribute Based Access, Key Management, SPKI/SDSI

Concepts of Security: Confidentiality, Containment, isolation, Privacy, Anonymity, pseudo-anonymity etc., Policy specification, User authentication, Session management, multi-level security, multi-lateral security

Security Mechanisms: Protection, Confinement, Isolation, Virtual machines, Non-interference Dealing with legacy code, Sandboxes, Separability, Data caging
OS Security: Principles, Case studies of Operating Systems, secure OS like SELINUX

Run-Time Monitoring: Security Automata, Edit Automata, Shallow Automata

Malware analysis and Counter measures: difficulties, approaches, defense against untrusted code.

Security Models for Information Systems: Bell-LaPadula, Biba, Clark-Wilson, Lattice Model, Chinese Wall Model

Information Flow Models: Distributed Information Control, Secure OS based on IFC, Conference management systems like EasyChair, HotCrp

Language based security: Program analysis for Security, secure code practices and tools for secure code writing

Protocol Specification and Verification: Principles, Cryptographic protocols, protocol specification language characteristics.

Web security: models, application security, Browser Security, Information flow browsers

Special Topics: Mobile phone security, Android Security, Cloud security, Security of Internet of Things (IoT)

Lecturs

S.No	Date	Topic	Slids	References
1	July 20 (Mon)	Introduction to Data and System Security -I	lec01.pdf	Denning Book
2	July 23 (Thu)	Introduction to Data and System Security -II	lec02.pdf
3	July 27 (Mon)	DAC introduction	lec03.pdf
4	July 30 (Thu)	DAC Principles and Velnerablities	lec04.pdf
5	Aug 3 (Mon)	Take and Grant System	lec05.pdf
6	Aug 6 (Thu)	MLC, Lattice, BLP	lec06.pdf
7	Aug 10 (Mon)	Biba, Chinese and ORCON	lec07.pdf
8	Aug 13 (Thu)	Project Disscusion	Project list	Towards An Executable Declarative Specification of Access Control>
9	Aug 17 (Mon)	RBAC,ABAC and Lattice	lec08.pdf
10	Aug 20 (Thu)	Information Theory for IFC	lec09.pdf
11	Aug 24 (Mon)	Threat Model	lec10A.pdf
12	Aug 24 (Mon)	Language Based Security	lec10B.pdf
13	Aug 27 (Thu)	Guest lecture: Idiosyncrasies of Securing Industrial Control Systems	guest_lect01.pdf