Language-Based Security VT10

TDA601/DIT101 - Språkbaserad datasäkerhet

Latest news

  • (31/5) It came to our knowledge that a questionnaire for a different course was sent to the students earlier. We hear that this has been corrected today. Your link to the questionnaire is in an email to you from Victoria Ewers. Please do take time to complete the course questionnaire. Your feedback is important.
  • (12/5) Presentation schedule is now available (see below).
  • (19/4) Due to the ash cloud and disturbances in flights, Jeff Vaughan is unfortunately not able to visit Göteborg. Thus the guest lecture on Wednesday, April 21, is cancelled. The next lecture will be on Friday as usual.
  • (12/4) Farid Behnia's presentation is moved to the end of the lecture on April 23. No lecture on Wednesday, April 14, as a consequence.
  • (25/3) In case you have passed some of the labs and/or project in previous years, there is no need to resubmit the solutions. However, you still need to submit a short text file for each passed lab/project saying when (what year) you passed it.
  • (23/3) The Fire system for lab/project submission is online.
  • (22/3) The student representatives for course evaluation are: Sari Haj Hussein angyjoo at yahoo.com, Mikhail Kalkov kalkov at student.chalmers.se, Mazdak Rajabi Nasab mazdak at student.chalmers.se, Behrooz Sangchoolie behsan at student.chalmers.se. Thanks for volunteering!
  • (19/3) Slides for the lecture on information flow have been updated.
  • (19/3) Course discussion group is up and running. Discussion of general questions, labs, and projects is welcome. Helping each other to find answers is encouraged, but of course without giving away solutions.
  • (8/3) For the labs and the project, you need to work in groups of two. There will be an opportunity for group matching at the break of the first lecture. If you have difficulties finding a partner, please use this facility. If you already have a partner, you do not need to use it.
  • (8/3/2010) First lecture: Wed, Mar 17, 10-12, EC. For the schedule of the course, please refer to the plan below (and not the TimeEdit schedule).


Why language-based security?

Traditionally, computer security has been largely enforced at the level of operating systems. However, as operating systems grow in size and complexity, it is becoming increasingly difficult to handle security. Consequently, modern attacks often succeed at circumventing operating-system security mechanisms. Furthermore, while operating-system security policies are low-level (such as access control policies, protecting particular files), many attacks are high-level, or application-level (such as email worms that pass by access controls pretending to be executed on behalf of a mailer application). The key to defending against application-level attacks is application-level security. Because applications are typically specified and implemented in programming languages, this area is generally known as language-based security. A direct benefit of language-based security is the ability to naturally express security policies and enforcement mechanisms using the developed techniques of programming languages.

Who should study language-based security?

You should have previously studied a course in programming languages (and of course basic programming skills are assumed) and basics of computer security. It is an advantage if you have studied courses such as semantics of programming languages and compiler construction.

You should be interested in some of the following:

What will you learn?

The goal of this course is understanding the principles behind application-level attacks (such as Trojan horses, worms, buffer overrun attacks, exploit attacks, covert channels, and malicious code) and language-based protection mechanisms (such as static security analysis, program transformation, and stack inspection).

Instructor and TAs

Instructor: Andrei Sabelfeld, office 5476, voice 1018 (Chalmers).

Teaching assistants: Jonas Magazinius, office 5472, voice 5422, and Arnar Birgisson, office 5471, voice 5402.


Course literature

No specific book is used as a course book. The material consists of hand-outs, papers, etc. However, I warmly recommend the following book for complementary reading on the subject:

Lecture schedule and deadlines

The schedule is subject to change. Stay tuned!

Lectures are once or twice a week. Wednesday lectures are at EA (with the exception of the first lecture - at EC) and Friday lectures are at EE - all at 10am.

Last year's lecture slides are already on the web, but changes and updates may be made before the actual lecture. If these updates are substantial, this will be indicated in the latest news section.

In order to view the slides, you need to be under the .se domain. Otherwise, let us know your domain - we will include it in the permission set.

All deadlines are firm.

Date Topic Reading
Wed, Mar 17 Introduction to language-based security. Overview of the course.
Slides: here.
McGraw and Morrisett, Attacking Malicious Code:  A Report to the Infosec Research Council, 2000.
Sect. I of Saltzer and Schroeder, Protection of Information in Computer Systems, 1975.
Fri, Mar 19 Information flow security
Slides: here.
Sabelfeld and Myers, Language-Based Information-Flow Security, 2003.
Try this information flow exercise. See below for exercise supervision time.
Wed, Mar 24 Data races, randomness, and determinism
Slides: here.
Savage, Burrows, Nelson, Sobalvarro, and Anderson, Eraser: A Dynamic Data Race Detector for Multithreaded Programs, 1997.
Fri, Mar 26 Project proposal deadline
Wed, Apr 21 Intermediate concepts in information flow and declassification policy inference
Invited lecture by Jeff Vaughan, Harvard University. Cancelled, no lecture
Sabelfeld and Sands, Declassification: Dimensions and Principles, 2007.
Fri, Apr 23 Buffer overruns; Database security
Slides: here. Experience of taking the course last year: 15-minute invited presentation by Farid Behnia, who took the course last year.
Farid's presentation video.
Aleph One, Smashing the Stack for Fun and Profit.
Claes Nyberg's slides and tutorial with exercises.
Fri, Apr 23 Eraser lab deadline
Wed, Apr 28 Web-application security
Jonas Magazinius's slides from 2010: here.
OWASP
Fri, Apr 30 r00tshell lab deadline
Fri, May 7 Java security, Stack inspection and access control
Certifying compilation; Typed Assembly Languages, Proof-Carrying Code; Copyright protection and code obfuscation
Slides: here.
Wallach, Felten, Understanding Java Stack Inspection, 1998.
Morrisett, Walker, Crary, Glew, From System F to Typed Assembly Language, 1999.
Fri, May 7 WebAppSec lab deadline
Wed, May 12 Design principles for security protocols
Abadi and Needham, Prudent Engineering Practice for Cryptographic Protocols, 1995.
Wed, May 19, 10-12 Project presentations
Presentation time - no more than 15 minutes (strict), following the presentation guidelines. A PC and projector will be available; PowerPoint/PDF presentations can be either emailed to me in advance or brought on a USB stick. The schedule of groups (as in FIRE) to present projects (if your group is not mentioned below, then you do not need to present the project):
14: New information flow challenges
13: Survey of techniques for automated identification of inference channels in relational databases
4: ASP.NET Security Overview & Elaboration with Known Attacks

0: Security in PHP language: Blunders and vulnerabilities
8: RSS security issues and solutions
Fri, May 21, 10-12 Project presentations continued
11: Survey of open source e-commerce software
2: Obfuscation Techniques and Tools
24: Buffer Overflow Conquering

25: Analysis of JavaScript Hijacking and its impact on security
19: Average User-Response to Attacks (AURA)
3: Web Mail Hacking Using Cross-site Scripting (XSS) and two practical Solutions
Fri, May 21 Project report deadline

Exercises

In order to get up to speed on information flow, try this information flow exercise. There will be a supervision slot for working on this exercise on Wed, Mar 24, 15-17, room 6225.

Lab assignments and project

You are expected to find a lab partner, with whom you will do the assignments (laborations). If you have difficulties finding a partner, please use this facility. No one-person or three-person groups are allowed unless there is a well-justified reason and permission from the instructor.

There are three assignments ("laborations") and a project. The labs are about specific problems whereas projects can be more open-ended (some ideas for projects are supplied below). Further information on the lab and project: As is common for advanced courses, there are only a few supervision times for the labs. The supervision takes place in room 6225 according to the following schedule:

Eraser: Wednesday, Apr 21, 15-17; r00tshell: Wednesday, Apr 28, 15-17, and WebAppSec: Wednesday, May 5, 15-17.

Watch the latest news for booking a slot during the office hours to discuss project proposals and projects, respectively.

In case you have passed some of the labs and/or project in previous years, there is no need to resubmit the solutions. However, you still need to submit a short text file for each passed lab/project saying when (what year) you passed it.


Cheating

Unfortunately, cases of cheating are sometimes detected by us in lab solutions/reports and project reports. Students are expected to be familiar with the Chalmers policy on academic integrity and honesty, which we strictly follow. Cheating includes collaboration between groups and not citing your sources.

Course requirement and examinations

To pass the course, you must pass the labs and the exam. In order to pass the exam, you need to make a presentation of the project in class and pass the requirements on a written report/position paper that documents your project.


URL: http://www.cse.chalmers.se/edu/course/TDA601/