Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Airport security wikipedia , lookup
Distributed firewall wikipedia , lookup
Cyberwarfare wikipedia , lookup
Next-Generation Secure Computing Base wikipedia , lookup
Post-quantum cryptography wikipedia , lookup
Unix security wikipedia , lookup
Cyber-security regulation wikipedia , lookup
Mobile security wikipedia , lookup
Cyberattack wikipedia , lookup
Cybercrime countermeasures wikipedia , lookup
Systems Security A. Objectives: The basic computer infrastructure, ranging from consumer desktops to business servers are under continual attack from a variety of miscreants (or “hackers”) for both fun and monetary gain. The design of computer systems have allowed many vulnerabilities to exist and the attacks exploit these vulnerabilities for stealing private information, perform unauthorized operations, destroy data and such. Computer Systems Security covers the art of countermeasures to attacks to general purpose systems, operating systems, applications and the end-user. The topics provide the student a keen insight into the methods employed by the miscreants, the loopholes that exist and how they come about and the methodology to prevent and defend against such attacks. B. Catalog Description: Risk, Trust, and Threat models; Types of Attacks; Safe Programming Techniques; Operating System Mechanisms; Virtual Machine Systems; Hardware Security Enforcers; Application Security; Personal Security C. Text Books: a. Introduction to Computer Security by Michael T. Goodrich and Roberto Tamassia, Addison-Wesley, 2010 b. Computer Security: Principles and Practice by William Stallings and Lawrie Brown. D. Course Syllabus: 1. The why, what and how of secure computing systems. 2. Risk, trust, and Threat models 3. Attacks a. Attack Mechanisms, b. System attacks, c. Virus, Trojan, Worms, Spyware, Adware, Browser attacks d. Buffer Overflows e. The “RootKit” Attack f. Malicious processes and computational power 4. Safe Programming Techniques a. Coding practices and safety, Code bloat and safety, Feature Creep b. Versatility and Vulnerabilities c. Design principles of secure systems d. Overall Design of Complex Systems 5. Operating System Mechanisms a. Identity and Authentication b. Protection in Operating Systems c. Interrupt handlers and System calls d. Redirecting services e. Reliable bootstrap, Address space protection f. Security kernel g. Distributed Systems Security 6. Virtual Machine Systems a. Host Operating Systems and VMM interactions b. Trust and Virtual Machines c. Using Virtual Machines for Integrity Enforcement 7. Hardware Security Enforcers a. Trust and Hardware Modules b. The TCG approach c. The CoPilot approach d. Secure wallets e. Secure co-processors 8. Application Security a. Firewalls b. Virus Detection c. Signatures and Software d. Integrity checking of software e. Web Security f. Secure Database Systems 9. Personal Security a. Protecting privacy b. Protecting finances c. Repudiation, spoofing and identity theft d. Devices for personal safety and identity e. Smart Card Systems E. References: 1. http://cactus.eas.asu.edu/partha/Teaching/466.2010/description.htm 2. http://www.cc.gatech.edu/classes/AY2002/cs6238_fall/index.html