CIS 4930/6930: Systems Security

CIS 4930/6930: Systems Security
Instructor: Xinming “Simon” Ou
TA: Xiaolong “Daniel” Wang
Class time: MW 2-3:15

Logistics
- Course website: ??? where you can find
  - Lecture slides
  - Programming assignments and homework
  - Reading materials

Logistics - continued
- Communications
  - A Facebook group will be created and you will be invited to join. Feel free to post your questions, comments, and ideas related to the course.
  - Course announcements will be made by email.
  - Questions to the instructor and TA must be sent by email to guarantee a response.

What is this course about?
- Provide a comprehensive treatment of computer system security
- Attackers do not play by any rules
- How protection mechanisms in OS can help mitigate attacks
- Different types of OS protections
- Utilizing special hardware for security
- Cover both defense and offense aspects
- Cover both theory and practice

Topics
- Common attack techniques
- OS protection mechanisms
- Mandatory access control
- Capability systems
- Trusted computing
- Device security
- Cloud security

Tasks Lectures Readings Assignments (about one per week) Exams Homework Programming projects Exams Midterm and Final

Grades
- Homework and projects: 30%
- Exams: 60%
- Class participation: 10%
- CIS4930 and CIS6930 graded separately

Collaboration Policy
- Exams: no collaboration
- Homework and programming assignments: discussion with other students OK, but must indicate who you discussed with in your submission

Class Participation
- Everyone must present one reading assignment (5 pts).
  - Order will be sent through email
  - One week to finish reading and prepare for a 20-min presentation in class
- Students not presenting participate in the discussion (e.g., asking questions) (5 pts).
  - We will also ask you questions during the presentation

What is Security?
- Classical definition:
  - Confidentiality
  - Integrity
  - Availability
- Security is the prevention of threats from causing undesired effects
- Threat model is important: who are your adversaries? What is at stake?

Can we have absolute security?
- Security is always a trade-off between cost and risks
- Threat model:
  - Who are the adversaries?
  - What are their motivations?
  - How capable are they?
  - How much risk can they afford?
- Effectiveness of countermeasures:
  - How much risk is reduced for users?
  - How much inconvenience is incurred on users?
  - How much risk is increased for adversaries?

Example 1: Spam Emails
- Which one of C, I, A does this problem fall into?
- What is the threat model?
- What are possible countermeasures?

Example 2

It is a Human Problem
- Security is as much a social, organizational, and economic problem as it is a technical problem
- Incentives for good behaviors vs. bad behaviors
- Technologies contribute to/help address the problem

What do you mean by “System Security”?
- “System” is a platform on which various applications function. In most cases you can think of it as the OS.
- A system provides various protection mechanisms for the applications within it.
- Protection is closely related to security, although not the same.