4040-840 Security and Trust

all

1. 4040-840 Security and Trust -- 20112
2. General Information
- 2.1. Please Read This Paragraph
- 2.2. Syllabus
- 2.3. Course Goals
- 2.4. Texts
- 2.5. Grading
- 2.6. Home Works
- 2.7. Case Studies
- 2.8. Other Things
3. Introduction
- 3.1. Access
- 3.2. Data
- 3.3. User ID 0
- 3.4. S-Bit
- 3.5. How could printing on a UNIX system work?
- 3.6. Compromising of a System
- 3.7. Compromising of a System
- 3.8. Security from a different Point of View
- 3.9. Famous Security Flaws
- 3.10. Attacks
- 3.11. Generic Security Attacks
- 3.12. Compilation and Execution
- 3.13. Library Calls
- 3.14. Example
4. Intruders
- 4.1. After a Break in
- 4.2. Solution - Maybe Not
- 4.3. Example
- 4.4. Xt - Motif - Athena - et all
- 4.5. Examples
- 4.6. Before a Break in
- 4.7. Input Paths
- 4.8. Virus
- 4.9. Hardware - Drivers
- 4.10. Software
- 4.11. System Calls versus Library Calls
- 4.12. System call
- 4.13. A System Call Picture
- 4.14. Exploit: Morris Worm
- 4.15. What did it do?
- 4.16. Buffer Overflow
- 4.17. Standard Problem Issue
- 4.18. Process Memory Organization
- 4.19. Stack Frames
- 4.20. Use of the Stack During Execution
- 4.21. Buffer Overflows
- 4.22. The Idea
- 4.23. Execute Code -I
- 4.24. Execute Code -II
- 4.25. Finding the Bits to execute
- 4.26. The Explanation
- 4.27. Overview
- 4.28. Excec may Be Unsucessful
- 4.29. In Short
- 4.30. The End
- 4.31. Monitoring
- 4.32. Conclusion
5. Operating System Security
- 5.1. Basic Functions
- 5.2. Components of an Operating System
- 5.3. Basic Implementation Considerations: Processor Modes
- 5.4. System Calls
- 5.5. What can an OS not do?
- 5.6. Plan 9
- 5.7. The past: UNIX
- 5.8. A Rush through
- 5.9. Super User
- 5.10. A Screendump
- 5.11. A Plan 9 Network
- 5.12. Components
- 5.13. A typical Plan 9 Installation
- 5.14. What's New?
- 5.15. Namespace
- 5.16. Change the Namespace
- 5.17. Kernel Server
- 5.18. 9P
- 5.19. One Technique for all
- 5.20. Implementation
- 5.21. Implementation of a new Kernel Server
- 5.22. Inferno: The Plan 9 Update
- 5.23. Introduction
- 5.24. Components
- 5.25. Overview
- 5.26. Java's Security Model
- 5.27. Application Layer or OS?
6. Authentication Application
- 6.1. Kerberos: Info
- 6.2. Basics
- 6.3. Example: Sun Network File System
- 6.4. Services
- 6.5. Problems
- 6.6. Motivation:
- 6.7. Threats
- 6.8. Kerberos
- 6.9. Kerberos: Provides
- 6.10. The Situation
- 6.11. Note: Symetric Key Encryption
- 6.12. Kerberos: Is (as the paper describes)
- 6.13. Kerberos: Needs
- 6.14. Credentials
- 6.15. Kerberos: How it Works
- 6.16. Problem
- 6.17. Kerberos: Getting the Initial Ticket
- 6.18. IS Kerberos?
- 6.19. Kerberos: Getting a Server Ticket
- 6.20. Kerberos: Requesting a Service
- 6.21. Kerberos: Database
- 6.22. Kerberos: Admin
- 6.23. Kerberos: Java API
- 6.24. X.509
- 6.25. PKI
- 6.26. Digital Signatures
- 6.27. X.509 Certificate
- 6.28. Social Networks and Trust
- 6.29. How do you know it is your friend?
- 6.30. Trust
- 6.31. Issues
- 6.32. Outlook Trust Models
- 6.33. Addendum
7. Electronic Mail Security
- 7.1. History
- 7.2. Overview
- 7.3. What has Zimmermann Done?
- 7.4. Why was it a Sucess?
- 7.5. Public-key Cryptography/Asymmetric Cryptography,
- 7.6. Digital Signatures
- 7.7. Operational Description: Confidelity
- 7.8. Operational Description: Authentication
- 7.9. Operational Description: E Mail Compatability
- 7.10. Radix-64 Conversion
- 7.11. Operational Description: Compression
- 7.12. Cryptographic Keys and Key Rings
- 7.13. General Format of a PGP Message
- 7.14. Operational Description: Message Generation
- 7.15. Operational Description: Message Reception
- 7.16. Operational Description: Public Key Management
- 7.17. Operational Description: Certification Authority
- 7.18. PGP certificate format
- 7.19. Validity and Trust
- 7.20. Operational Description: Trust Models
- 7.21. Trust Notion on PGP
- 7.22.
- 7.23. Net Trust
- 7.24. Security Quality
- 7.25. Questions
- 7.26. Comments
8. Attacks
- 8.1. IP and Copyrighted Goods
- 8.2. Kim Dotcom - Kim Schmitz
- 8.3. Piracy - SOPA
- 8.4. Protect IP Act - PIPA
- 8.5. Byzantine Attacks
9. Public Key Infrastructure
- 9.1. Purpose and Function
- 9.2. Certificate History
- 9.3. X.500
- 9.4. Use Case
- 9.5. Ten Risks of PKI
- 9.6. 1
- 9.7. 2
- 9.8. 3
- 9.9. 4
- 9.10. 5
- 9.11. 6
- 9.12. 7
- 9.13. 8
- 9.14. 9
- 9.15. 10
- 9.16. Call for Paper
10. Trusted Computing Base/Platform
- 10.1. Definition
- 10.2. Computers in Airplanes
- 10.3. Computers in the Medical Field
- 10.4. Computers in Safety-Critical Applications
- 10.5. Space Shuttle
- 10.6. Languages
- 10.7. Fundamental Objectives
- 10.8. Bruce Schneir on Security
- 10.9. Formal Verification for Software
- 10.10. Players
- 10.11. Required
- 10.12. Micro-Kernel Architecture
- 10.13. Levels
- 10.14. Fault-Tolerant Software Design Approaches
- 10.15. The Gemini Digital Computer: First Machine in Orbit
- 10.16. Case Study: Space Shuttle
- 10.17. Developing Software for the Space Shuttle
- 10.18. Claasification
- 10.19. B3: Mandatory Protection: XTS-400
- 10.20. A1: Verified Protection: Scomp
- 10.21. XTS-400
- 10.22. System Architecture
- 10.23. Criticism
- 10.24. Use Case
- 10.25. Questions
- 10.26. More Reading
11. Loose Ends
- 11.1. Is this Code Correct I?
- 11.2. Is this Code Correct II?
- 11.3. Deadlock -- an Overview
- 11.4. Deadlock
- 11.5. Necessary Conditions
- 11.6. Resource Graphs
- 11.7. Addressing Deadlock
- 11.8. Prevention
- 11.9. Hold and Wait
- 11.10. Circular Wait
- 11.11. Code
- 11.12. INTEGRITY-178B
12. TBD
13. TBD
14. TBD
15. TBD
16. TBD
17. TBD
18. TBD
19. TBD
20. TBD
21. TBD
22. TBD
23. TBD
24. TBD
25. TBD
26. TBD
27. TBD
28. TBD
29. TBD
30. Stuxnet
- 30.1. Resources
- 30.2. Questions
31. Trust
- 31.1. Resources
- 31.2. Questions
32. Cryptographic Hash Case Studies - III/IV
- 32.1. Resources
- 32.2. Questions
33. Trust Mechanisms for Ad-hoc Networks
- 33.1. Resources
34. Trusted Computing
- 34.1. Resources
35. Cryptographic Hash Case Studies - VII
- 35.1. Resources
36. Cryptographic Hash Case Studies - VIII
- 36.1. Resources
37. Examination I-- Jan/20/2012

Table of Contents