CYBE 4400: Operating System Security
(Cross-listed with CPRE 4400).
Credits: 3. Contact Hours: Lecture 3.
Prereq: COMS 3520 or CPRE 3080
Focus on fundamentals and advanced topics in operating system (OS) security. Design issues, principles, mechanisms, and good practice for design and implementation of secure computer/OS systems. Threat models, vulnerabilities, attacks compromise security, and advanced OS-level techniques for achieving security. Topics include OS security concepts and principles, seminal security in Multics, vulnerabilities in ordinary systems, secure capability systems, information flow control, mandatory access control, security kernels, memory protection, file system, virtual machine systems, hardware/architecture support (e.g., Intel SGX) for OS security, secure microkernel OSes (e.g., seL4, QNX), modern mobile operating systems (e.g., Android and iOS), and security from end-user perspective. Assignments include labs exploring and implementing the technologies in the context of the Linux, Android, and seL4 systems (some involving kernel programming).
(Typically Offered: Spring)