COMS W4187: Lectures

Jan 16

Introduction

Jan 18

Access control

Jan 23

Complex access control
Readings:

• Chapter 2 and 3 of Bishop (suggested)

Jan 25

Privileges

Jan 30

Introduction to Cryptography
Reading:

• Section 13.1 of Cheswick and Bellovin, Firewalls and Internet Security, first edition
• The Story of Alice and Bob
• Bishop, Chapter 8 and 9 (optional)
• New Directions in Cryptography, Whitfield Diffie and Martin E. Hellman, IEEE Transactions on Information Theory, vol IT-22, number 6, pp. 644--654, November 1976.
• British invention of non-secret encryption (recommended)
• A method for obtaining digital signatures and public-key cryptosystems, R. L. Rivest, A. Shamir, L. Adleman, Communications of the ACM, Volume 21 Issue 2, February 1978. (recommended)

Feb 1

Authentication
Readings:

• Password security: a case history. Robert Morris and Ken Thompson, Communications of the ACM, Volume 22, Issue 11 (November 1979), Pages: 594 - 597.
• Dr. Fun (recommended)

---

Feb 6

Biometrics; authentication as a systems problem
Reading:

• Chapter 5 of Who Goes There? Authentication Through the Lens of Privacy.

Feb 8

Case Study: Access control

Feb 13

Secure programming
Reading:

• The emperor's old clothes, Charles Antony Richard Hoare, February 1981, Communications of the ACM, Volume 24 Issue 2
• Smashing The Stack For Fun And Profit, Aleph One, Phrack 49, Volume Seven, Issue Forty-Nine, File 14 of 16
• Exploiting Format String Vulnerabilities, scut / team teso, March 17, 2001, Version 1.0
• StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks, Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang. Proceedings of the 7th USENIX Security Symposium, January 1998, San Antonio, TX.
• Building Secure Software, John Viega and Gary McGraw, Addison-Wesley, 2002. (Recommended)
• Secure Coding in C and C++, Robert C. Seacord, Addison-Wesley, 2006. (Recommended)

Feb 15

Secure programming
Reading:

• Preparation of Internationalized Strings ("stringprep"), Paul Hoffman, RFC 3454, December 2002.
• Checking for Race Conditions in File Accesses, Matt Bishop and Michael Dilger, Computing Systems 9 (2) pp. 131-152 (Spring 1996). (recommended)
• setuid - checklist for security of setuid programs (recommended0
• Writing Safe SetUID Programs, Matt Bishop (recommended)
• Using Attack Surface Area And Relative Attack Surface Quotient To Identify Attackability, Ernst \& Young LLP.

Feb 20

Protecting the Client
Reading:

• Reading Between the Lines: Lessons from the SDMI Challenge, Scott A. Craver, Min Wu, Bede Liu, Adam Stubblefield, Ben Swartzlander, Dan W. Wallach, Drew Dean, and Edward W. Felten. Proc. of 10th USENIX Security Symposium, August 2001.
• Viewpoint: the ACM declaration in Felten v. RIAA, Simons, B. 2001. Commun. ACM 44, 10 (Oct. 2001), 23-26.
• Java Card Security: How Smart Cards and Java Mix, From Securing Java: Getting Down to Business with Mobile Code, Gary McGraw and Ed Felten, John Wiley & Sons, 1999.
• MYK-78 CLIPPER CHIP: ENCRYPTION/DECRYPTION ON A CHIP (recommended)
• Using Memory Errors to Attack a Virtual Machine, A. Appel and S. Govindavajhala. In IEEE Symposium on Security and Privacy, 2003 ( "Oakland Security Conference"). (recommended)
• Overview of Differential Power Analysis, An engineering overview of Differential Power Analysis by Paul Kocher, Joshua Jaffe, and Benjamin Jun. (recommended)
• Information Hiding: A Survey, Fabien A. P. Petitcolas, Ross J. Anderson and Markus G. Kuhn, Proceedings of the IEEE, special issue on protection of multimedia content, 87(7):1062{1078, July 1999. (recommended)

Feb 22

Permissive Action Links, Nuclear Weapons, and the Prehistory of Public Key Cryptography
Reading:

• Chapter 11 of Anderson
• Permissive Action Links

Feb 27

Cryptographic Engineering
Reading:

• Randomness Requirements for Security, RFC 4086, D. Eastlake, 3rd, J.Schiller, S. Crocker. June 2005.

---

Mar 1

Architecture
Reading:

• Security Tips, Apache 2.0 (recommended)
• suEXEC Support, Apache 2.0 (recommended)

Mar 6

Keys and Passwords

Mar 8

Confinement
Reading:

• A domain and type enforcement UNIX prototype, Lee Badger, Daniel F. Sterne, David L. Sherman, and Kenneth M. Walker. USENIX Computing Systems, 9(1):47--83, Winter 1996. (recommended)
• A Secure Environment for Untrusted Helper Applications, Ian Goldberg, David Wagner, Randi Thomas and Eric A. Brewer, Proc. Usenix Security Symposium, 1996. (recommended)

Mar 13

Spring Break

Mar 15

Spring Break

Mar 20

Review

Mar 22

Midterm

Mar 27

Viruses and Trojan Horses
Reading:

• Computer Viruses - Theory and Experiments, F. Cohen. DOD/NBS 7th Conference on Computer Security, originally appearing in IFIP-sec 84, also appearing as invited paper in IFIP-TC11, ``Computers and Security'', V6#1 (Jan. 1987), pp 22-35
• Reflections on trusting trust, Ken Thompson, CACM 27:8, August 1984.
• Viral Attacks On UNIX System Security, Tom Duff, August 1987.
• The worm programs -- early experience with a distributed computation, John Shoch and Jon Hupp, Communications of the ACM 25:3 (March 1982).
• Tool turns unsuspecting surfers into hacking help, CNET, March 20, 2007.
• JavaScript opens doors to browser-based attacks, CNET, July 28, 2006.

Mar 29

Logging and Auditing
Reading:

• Stalking the wily hacker, Communications of the ACM 31:5, May 1988.
• Shadow Hawk Busted Again, Phrack 16, File 11 (Nov 1987) (recommended)
• Chicago Phone Freak Gets Prison Term, Risks Digest 8:29, 22 February 1989 (recommended)

---

Apr 3

Program Structure
Please see the 4.3BSD FTP daemon source.

Apr 5

Program Structure

Apr 10

System Structure
A real billing system (used with permission)

Apr 12

Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks (Guest lecturer: Matt Blaze)

Apr 17

Security Analysis
Reading:

• The Art of Deception, Kevin Mitnick and William Simon, Wiley, 2002. (recommended) (Available as an EBook from the CU library)
• Silver Needle in the Skype, P. Biondi and F. Desclaux, BlackHat Europe, 2-3 March 2006.

Apr 19

Physical Security: The Good, the Bad and the Ugly (Guest lecturer: Mark Seiden)
Reading:

• US Navy Malware Infection Risked Submarine Prang
• Disgruntled Techie Attempts californian Power Blackout"
• Alleged Saboteur of Power Grid Gained Access Despite Warning
• Chocolate the Key to Uncovering PC Passwords

Apr 24

Security Analysis
Reading:

• ITS4: A Static Vulnerability Scanner for C and C++ Code, John Viega, J.T. Bloch, Tadayoshi Kohno, and Gary McGraw, Annual Computer Security Applications Conference, 2000.
• Checking for Race Conditions in File Accesses, M. Bishop and M. Dilger, Computing Systems 9:2, pp. 131-152 (Spring 1996)
• CGI/Perl Taint Mode FAQ
• Perl Advisor: Taint so Easy, Is It?, Randal L. Schwartz, Unix Review, August 2000.
• Static analysis and computer security: New techniques for software assurance. David Wagner. Ph.D. dissertation, Dec. 2000, University of California at Berkeley. (recommended)
• Using CQUAL for Static Analysis of Authorization Hook Placement, Xiaolan Zhang & Antony Edwards & Trent Jaeger, Proc. Usenix Security, 2002. (recommended)

Apr 26

After an Attack
Reading:

• "The Taking of Clark", Chapter 17, Firewalls and Internet Security: Repelling the Wily Hacker, William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin, Second Edtion, Addison-Wesley, 2003.
• "File System Analysis", Chapter 4, Forensic Discovery, Dan Farmer and Wietse Venema, Addison-Wesley 2004. Read Chapter 4.
• Playing "Hide and Seek" with Stored Keys, Adi Shamir and Nicko van Someren, Proceedings of the Third International Conference on Financial Cryptography, 1999. (Recommended)

---

May 8, 1:10-4:00

Final