Computer Laboratory

Course pages 2013–14

Computer Security: Principles and Foundations

Reading materials

The following papers are assigned reading for R209; note that minor revisions to some session reading lists may still be made.

Course introduction slides from the first lecture can be found here:

Please contact the course instructors if you have any questions.

  1. Origins of computer security (14 October 2013)
    1. The Protection of Information in Computer Systems, Jerome H Saltzer and Michael D Schroeder, Communications of the ACM v 17 no 7 (July 1974)
    2. A Note on the Confinement Problem, Butler Lampson, Communications of the ACM v 16 no 10 (Oct 1973) pp 613–615
    3. New Directions in Cryptography, IEEE Transactions on Information Theory v IT-22 (Nov 1976) pp 644–654
    4. Using Encryption for Authentication in Large Networks of Computers, Roger Needham and Michael Schroeder, Communications of the ACM v 21 no 12 (Dec 1978)

  2. The economics of security (21 October 2013)
    Note: the level of reading for this week is quite high; please start early!
    1. Information security: where computer science, economics and psychology meet, Ross Anderson, Tyler Moore, Phil Trans Roy Soc A v 367 no 1898 pp 2717–2727 (2009)
    2. The Role of Internet Service Providers in Botnet Mitigation: An Empirical Analysis Based on Spam Data by Michel van Eeten and colleagues, WEIS 2011
    3. Measuring the Cost of Cybercrime, Ross Anderson and colleagues, WEIS 2012
    4. Is the Internet for Porn? An Insight Into the Online Adult Industry by Gilbert Wondracek and colleagues, WEIS 2010

  3. Cryptographic protocols: possibilities and limitations (28 October 2013)
    Note: the level of reading for this week is quite high; please start early!
    1. A Logic of Authentication, Mike Burrows, Martín Abadi and Roger Needham, Proc. Roy. Soc. A v 426 no 1871 pp 233–271 (1989)
    2. Prudent Engineering Practice for Cryptographic Protocols, Martín Abadi and Roger Needham, IEEE Transactions on Software Engineering v 22 no 1 (1996) pp 6–15
    3. The History of Subliminal Channels, Gustavus J. Simmons, Information Hiding (1996) pp 237–256
    4. API Attacks, from Security Engineering – A Guide to Building Dependable Distributed Systems, Ross Anderson, second edition, Wiley (2008)

  4. Passwords: technology, human factors and what goes wrong (4 November 2013)
    1. Password security: a case history, Robert Morris and Ken Thompson, Communications of the ACM v 22 no 11 (1979)
    2. Users are not the enemy, Anne Adams and M. Angela Sasse, Communications of the ACM v 42 no 12 (1999)
    3. The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes, Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, Frank Stajano, IEEE Security and Privacy 2012
    Optional additional reading:

  5. Access control and adversarial reasoning (11 November 2013)
    Note: the level of reading for this week is quite high; please start early!
    1. Secure Computer System: Unified Exposition and Multics Interpretation, D Elliott Bell and Len LaPadula, ESD-TR-75-306, ESD/AFSC, Hanscom AFB, Bedford, MA 01731 (1975). Read pp1-48, 64-73 only.
    2. MULTICS Security Evaluation, Volume II: Vulnerability Analysis, Paul Karger and Roger Schell, ESD-TR-74-193, v II, Electronic Systems Division, Air Force Systems Command, Hanscom Field, Bedford, MA 01731 (June 1974). Read pp1-64 – skip the Subverter Listing; the glossary on p149 may be useful.
    3. A Domain and Type Enforcement UNIX Prototype, Lee Badger, Daniel F. Sterne, David L. Sherman, Kenneth M. Walker, Sheila A. Haghighat, Proceedings of the Fifth USENIX UNIX Security Symposium (1996)
    4. A decade of OS access-control extensibility. Robert N. M. Watson, Communications of the ACM 56(2), February 2013.
    Optional additional reading:
    • Protection Analysis: Final Report, Richard Bisbey II and Dennis Hollingworth, ISI/SR-78-13, University of Southern California/Information Sciences Institute, Marina Del Rey, CA 96291 (May 1978)

  6. Hardware and software capability systems (18 November 2013)
    1. HYDRA: the kernel of a multiprocessor operating system, W. Wulf, E. Cohen, W. Corwin, A. Jones, R. Levin, C. Pierson, and F. Pollack, Communications of the ACM v 17 no 6 pp 337–345 (1974)
    2. A Security Analysis of the Combex DarpaBrowser Architecture, David Wagner, Dean Tribble, March 4, 2002
    3. Capsicum: practical capabilities for UNIX, R. N. M. Watson, J. Anderson, B. Laurie, and K. Kennaway, 19th USENIX Security Symposium, 2010

  7. Programming language and information flow security (25 November 2013)
    1. Reflections on Trusting Trust, Ken Thompson, Communications of the ACM v 27 no 8 (1984) pp 761–763
    2. Going beyond the sandbox: an overview of the new security architecture in the Java™ Development Kit 1.2, Li Gong, Marianne Mueller, Hemma Prafullchandra and Roland Schemers, Proceedings of the USENIX Symposium on Internet Technologies and Systems (USITS'97)
    3. A Decentralized Model for Information Flow Control, Andrew C. Myers, Barbara Liskov, Proceedings of the 16th ACM Symposium on Operating Systems Principles, Saint-Malo, France, 5–8 October 1997
    4. Joe-E: A Security-Oriented Subset of Java, Adrian Mettler, David Wagner, Tyler Close, Proceedings of the Network and Distributed System Security Symposium, NDSS 2010, San Diego, California, USA, 28th February – 3rd March 2010

  8. Correctness versus mitigation (2 December 2013)
    1. seL4: formal verification of an OS kernel, Gerwin Klein, Kevin Elphinstone, Gernot Heiser, June Andronick, David Cock, Philip Derrin, Dhammika Elkaduwe, Kai Engelhardt, Rafal Kolanski, Michael Norrish, Thomas Sewell, Harvey Tuch, and Simon Winwood, Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles (SOSP '09) pp 207-220
    2. A few billion lines of code later: using static analysis to find bugs in the real world, Al Bessey, Ken Block, Ben Chelf, Andy Chou, Bryan Fulton, Seth Hallem, Charles Henri-Gros, Asya Kamsky, Scott McPeak, and Dawson Engler, Comm ACM 53, 2 (February 2010), 66-75
    3. Mitigating Software Vulnerabilities, Matt Miller, Tim Burrell, and Michael Howard, Microsoft Corporation, July 2011


Last year’s course materials are still available.