System Security AS17

No exercise session on 21.09.2017.

First Lecture: 25.09.2017

First Exercise Session: 28.09.2017

Current information, documents and the exercise submission system are available on the Moodle page:

https://moodle-app2.let.ethz.ch/course/view.php?id=3686

Please enroll for the course on myStudies to have access.

Autumn semester 2017
Course no. 252-1414-00L (5 ECTS)

Lecture: Mon, 10.15h - 12.00h, IFW A 36 (NEW ROOM!)
Exercises: Thu, 13.15h - 15.00h, HG D 3.2

Course responsible: Prof. Srdjan Capkun (srdjan.capkun@inf.ethz.ch), Prof. Adrian Perrig (adrian.perrig@inf.ethz.ch)
Teaching Assistants: Aritra Dhar, Laurent Chuat, Karl Wüst (SysSec-Exercise@lists.inf.ethz.ch)

Lecture start: Monday, 25.09.2017

Lecture end: Monday, 18.12.2017 (Tentative)

Written exam

Performance assessment is based on exercises/reports submitted throughout the semester (20%) and a session examination at the end of the semester (80%). Details will be discussed at the end of the semester.

Learning objectives

In this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met.

Content Description

The first part of the lecture covers individual system aspects, starting with tamper-proof or tamper-resistant hardware in general, moving on to operating-system-related security mechanisms, and ending with application software systems such as host-based intrusion detection systems. The main topics covered are: tamper-resistant hardware, CPU support for security, protection mechanisms in the kernel, file system security (permissions / ACLs / network filesystem issues), IPC security, mechanisms in more modern OSes, such as Capabilities and Zones, libraries and software tools for security assurance, etc.

In the second part, the focus is on system design and methodologies for building secure systems. Topics include: patch management, common software faults (buffer overflows, etc.), writing secure software (design, architecture, QA, testing), compiler-supported security, language-supported security, logging and auditing (BSM audit, dtrace, ...), cryptographic support, and trustworthy computing (TCG, SGX).

Alongside the lectures, model cases will be worked out and evaluated in the exercises.