Overview
|
Overview
In this course, we study research in operating systems security. The main focus of this course is the design of operating systems to enforce security requirements efficiently. The course aims to provide foundations of security in operating systems, limitations of operating systems security, and research in addressing these limitations.
Topics will include software vulnerabilities and OS security challenges, basic security principles, limitations of ordinary operating systems, mandatory access control and Multics, modern operating systems security, modern software/hardware security mechanisms, and file systems security. We will work from my book on operating systems security, and augment the text with research papers, some classical and some recent. There will be a course project.
A detailed list of a lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course schedule.
Grading
The course will be graded on a course project, exam, and class participation in the following proportions:
| 40% | Course Project and Presentation |
| 35% | Course Exam |
| 25% | Reviews, Participation, Homework |
Projects
This course will have a small-team course research project in the area of operating systems or program security. I will announce topics, but they will include eBPF security, Android security, file system security, security kernels (seL4), capability system architecture (CHERI), and software security (C/C++ and Rust). There will be a team presentation late in the quarter.
Exams
This course will have one exam. The exam will cover core background in systems security, including the book and related papers. The exam will be in-class on paper.
Class Participation
Class participation focuses on the readings assigned for the class. Students will be required to perform some reviews of readings. During the lecture, we will discuss the readings, and students are required to participate in discussions during each lecture. It is strongly suggested that students do the reading prior to this class. Ultimately, the students' ability to exhibit comprehension of readings is essential to a good grade. Occasionally, there may be a (announced, in-class) quiz given related to the readings.
Required Texts
Most of the course readings will come from the following required textbook:
- Jaeger, T., Operating System Security, 1st edition, Morgan and Claypool, 2008.
Course Outline
A rough outline of the class is as follows:
|
Academic Integrity Policy
Academic integrity is the pursuit of scholarly activity in an open, honest and responsible manner. Academic integrity is a basic guiding principle for all academic activity at the University of California, and all members of the University community are expected to act in accordance with this principle. Consistent with this expectation, all course activities should be performed in compliance with the University’s Academic Integrity Polices & Procedures.
The course projects are to be carried out individually (i.e., within the project team). Students are explicitly not allowed to share information, source code, or even discuss the contents of the projects. Any violation of this policy will be considered cheating and will result in the student receiving an 'F' grade for the project and a full letter grade off the final grade for the course. Students with more than one violation may face stronger penalties per the university policy.
Students are forbidden from copying code, makefiles, or any other material from the Internet (such as publicly available Github repos). Plagiarism will be strictly enforced through in-depth reviews of your submissions. Any violation in the letter or spirit of this policy will also be considered cheating, and handled as described above. Note that any publication of the assignments (e.g., via github or other system) is considered a violation of the above policy.
Ethics Statement
This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.
When in doubt, please contact the instructor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from Professor Jaeger.
