Computer Laboratory

Course pages 2015–16

Computer Security: Principles and Foundations

R209 Slides and Readings


  1. To be posted

Reading assignments

The following papers are assigned reading for R209, which should be read prior to the class indicated. This list is still being finalised, and further changes may be made before the start of term. Please contact the module instructors if you have any questions.

  1. Origins and Foundations of Computer Security (12 October 2015 - Watson, Anderson)
  2. Adversarial Reasoning (19 October 2015 - Anderson)
  3. Optional additional reading:

  4. Access Control (26 October 2015 - Watson)
  5. Optional additional reading:

  6. Security Economics (2 November 2015 - Anderson)
  7. Optional additional reading:

  8. Capability Systems (9 November 2015 - Watson)
  9. Optional additional reading:

  10. Passwords (16 November 2015 - Stajano)
  11. Optional additional reading:

  12. Cryptographic Protocols (23 November 2015 - Anderson)
  13. Optional additional reading:

  14. Correctness vs. Mitigation (30 November 2015 - Thomas)
    • Gerwin Klein, Kevin Elphinstone, Gernot Heiser, June Andronick, David Cock, Philip Derrin, Dhammika Elkaduwe, Kai Engelhardt, Rafal Kolanski, Michael Norrish, Thomas Sewell, Harvey Tuch, and Simon Winwood, seL4: formal verification of an OS kernel, Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems principles (SOSP '09)
    • Al Bessey, Ken Block, Ben Chelf, Andy Chou, Bryan Fulton, Seth Hallem, Charles Henri-Gros, Asya Kamsky, Scott McPeak, and Dawson Engler, A few billion lines of code later: using static analysis to find bugs in the real world, Communications of ACM 53(2) (February 2010)
    • Laszlo Szekeres, Mathias Payer, Tao Wei, and Dawn Song, SoK: Eternal War in Memory, Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP '13). IEEE Computer Society, Washington, DC, USA.

Course materials from previous years

Last year’s course materials are still available.