CSE 227: Computer Security
This is the CSE 227: Computer Security course web page. On
this web page you will find the course syllabus, electronic handouts,
lecture summaries, homework and homework solutions, and links to other
resources.
The final exam is scheduled to be held from 11:30am-2:30pm on
Thursday March 21st, 2002, in HSS 2321 (the usual room).
|
CSE 227 is a graduate course. The course description is
Security and threat models, risk analysis,
authentication and authorization, auditing, operating systems
security, access control mechanisms, protection mechanisms,
distributed systems/network security, security architecture,
electronic commerce security mechanisms, security evaluation.
Potemkin
Village info. After Grigori Aleksandrovich Potemkin, a real person,
so not a literature reference, just that the term is widely used in
literature.
The course syllabus is available. If you are
interested in learning about some particular topics, feel free to
suggest them to me.
Lecture Summaries
- Lecture 1 January 7, 2002
- Lecture 2 January 9, 2002
- Lecture 3 January 11, 2002
- Lecture 4 January 14, 2002 (assignment 1)
- Lecture 5 January 16, 2002
- Lecture 6 January 18, 2002
- No lecture on Jan 21: Martin Luther King Jr Holiday
- Lecture 7 January 23, 2002
- Lecture 8 January 25, 2002
- Lecture 9 January 28, 2002
- Lecture 10 January 30, 2002
- Lecture 11 February 1, 2002
- Lecture 12 February 4, 2002
- Security Review 1st Project Due 2359 February 13, 2002
(extended to February 15, 2002 since I will be out of town anyway)
- No class (gone to NSF workshop) February 15, 2002
- No lecture on February 18: President's Day Holiday
- Midterm February 20, 2002
- Security Review 2nd Project Due 2359 March 11, 2002
Research Papers
Some of these are only for you to read and email me summaries of the
paper, clearly identifying the main thesis of the paper, the
supporting evidence provided, and identify the security assumptions,
security/efficiency/scalability/etc tradeoffs. Others are for
individual summaries and for groups to make in-class presentations of
about 20-30 minutes each. Individual summaries are due before the
class in which the group presentation will be made. Members of the
group making the presentation do not have to write a summary.
Presentation Groups
- AAR: Aditya Ojha, Alejandro Hevia, Rahul Lahoti
- ANGI: Abigail Gray, Nut Taesombut, Genevieve Bartlett, Insram Shah
- DJY: Dana Dahlstrom, Jeff Brown, Yu-Chung Cheng
- ERI: Eugene Tsyrklevich, Rommel Persigan, Ing-Wher Chen
- RSE: Ryan Persaud, Steve Gossin, Eric Hall
- VNA: Vivek Manpuria, Narayanan Ramabhadran, Ankur Jain
- FP: Fredrik Lundberg, Per Engström
Paper Assignments
-
Mobile Agents: Are They A Good Idea?
[pdf] (summaries only)
-
Timing Analysis of Keystrokes and Timing Attacks on SSH (presentation: ERI, Friday February 8, 2002)
-
A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities
[pdf] (presentation: ANG, Monday February 11, 2002)
-
Cyclone: A Safe Dialect of C
[pdf] and
Region-Based Memory Management in Cyclone
[pdf].
You may wish to consult the
longer tech report version of the first paper as well
[pdf]
(presentation: DJY, Wednesday February 13, 2002)
-
Distributed Execution with Remote Audit
from NDSS 1999
(presentation: RSE, Friday February 22, 2002)
-
Secure Remote Password Protocol
from NDSS 1998
(presentation: VNA, Monday February 25, 2002)
-
On the Problem of Trust in Mobile Agent Systems
also from NDSS 1998
(presentation: FP, Wednesday February 27, 2002)
-
Karjoth, Asokan, Gülcü: Protecting the computation results of free-roaming agents from Mobile Agents 98
(presentation: AAR, Friday March 1, 2002)
-
Farmer, Guttman, Swarup: Security for Mobile Agents: Authentication and State Appraisal
(presentation: RSE, Monday March 4, 2002)
-
Smith: Outbound Authentication for Programmable Secure Coprocessors
(presentation: ANGI, Wednesday March 6, 2002)
-
Perrig, Smith, Song, Tygar: Secure Auction Marketplace
(presentation: DJY, Friday March 8, 2002)
-
Evans, Twyman: Flexible Policy-Directed Code Safety
(presentation: ERI, Monday March 11, 2002)
-
Arbaugh, Farber, Smith: A Secure and Reliable Bootstrap Architecture
(presentation: AAR, Wednesday March 13, 2002)
-
Jul, Levy, Hutchinson, Black: Fine-Grained Mobility in the Emerald System
(presentation: VNA, Friday March 15, 2002)
Raw handouts directory.
Grading
Your grades will be determined based on project, homework assignments,
the midterm and the final exam scores. The homeworks will generally
be based on the research papers that we will be reading. The
breakdown is roughly
Homework | 20% |
Project | 25% |
Midterm | 25% |
Final | 30% |
Office Hours
You may drop by my office any time on Mondays, Wednesdays, and Fridays
that I'm there. Use the command finger bsy@play.ucsd.edu to
check my idle time; I do not promise to be there at all times.
Official office hours are Wednesday 2pm-3pm. No office hours on Jan
16; I will be attending the talk by Dodis. Email me to arrange
another time.
Additional Resources
[
search CSE |
CSE |
bsy's home page |
links |
webster |
MRQE |
google |
yahoo |
citeseer |
certserver
]
bsy+cse227w02@cs.ucsd.edu, last updated Mon Apr 8 20:19:50 PDT 2002. Copyright 2002 Bennet Yee.
email bsy.