| mechanics syllabus supplemental | ||||
Syllabus: Work in ProgressLecture 1: January 10, 2006Organizational Meeting Lecture 2: January 12ThemeWhere were you in ’72? A research agenda for computer security. RequiredJames P. Anderson, Computer Security Technology Planning Study. http://niatec.info/pdf/ande72.pdf Supplemental ReadingFred B. Schneider, editor, Trust in Cyberspace, http://www.nap.edu/readingroom/books/trust/ CoordinatorHook Lecture 3: January 17ThemeInformation-flow I RequiredDorothy E. Denning and Peter J. Denning, Certification of Programs for Secure Information Flow, http://www.seas.upenn.edu/~cis670/Spring2003/p504-denning.pdf Dennis Volpano, Geoffrey Smith, and Cynthia Irvine, A Sound Type System for Secure Flow Analysis, http://www.cs.fiu.edu/~smithg/papers/jcs96.pdf CoordinatorShahms E. King Lecture 4: January 19ThemeInformation-flow II RequiredSteve Zdancewic, Lantian Zheng, Nathaniel Nystrom, and Andrew C. Myers, Secure Program Partitioning, http://www.cis.upenn.edu/~stevez/papers/ZZNM02.pdf Andrei Sabelfeld and Andrew C. Myers, Language-based Information-Flow Security, http://www.cs.cornell.edu/andru/papers/jsac/sm-jsac03.pdf CoordinatorHook Lecture 5: January 24ThemeInformation-flow III RequiredPeng Li and Steve Zdancewic, Downgrading Policies and Relaxed Noninterference, http://www.cis.upenn.edu/~stevez/papers/LZ05a.pdf William L. Harrison and James Hook, Achieving Information Flow Security Through Precise Control of Effects, http://www.cs.missouri.edu/~harrison/pubs/research/csfw05.pdf Code: http://www.cs.missouri.edu/~harrison/CSFW05/index.html SupplementalVincent Simonet, The Flow Caml System, Documentation and users’s manual, Part I., http://cristal.inria.fr/~simonet/soft/flowcaml/ CoordinatorPlease send me email! Lecture 6: January 26ThemeSoftware Fault Isolation RequiredR. Wahbe, S. Lucco, T. Anderson, and S. Graham, Efficient Software-based Fault Isolation, http://www.cs.cornell.edu/home/jgm/cs711sp02/sfi.ps.gz Christopher Small, MiSFIT: A Tool for Constructing Safe Extensible C++ Systems, http://www.dogfish.org/chris/papers/misfit/misfit-ieee.ps
CoordinatorKahiro Lecture 7: January 31ThemeSafe Legacy Languages I: CCured RequiredGeorge C. Necula, Scott McPeak, Westley Weimer, CCured: Type-Safe Retrofitting of Legacy Code, POPL ’02, http://www.cs.berkeley.edu/~smcpeak/papers/ccured_popl02.pdf George C. Necula, Jeremy Condit, Matthew Harren, Scott McPeak, Westley Weimer, CCured: Type-Safe Retrofitting of Legacy Software, TOPLAS, 2005, Jeremy Condit, Matthew harren, George C. Necula, Scott McPeak, Westley Weimer, CCured in the Real World, PLDI ’03, http://www.cs.virginia.edu/~weimer/papers/CHNMW-CCuredInTheRealWorld.pdf [Note, the TOPLAS paper is an extended version of this paper.] CoordinatorJeff Williams Lecture 8: February 2ThemeDomain-Specific Languages: Cryptol RequiredGalois Connections, Inc., Cryptol Reference Manual, http://www.cryptol.net/docs/Reference.pdf Focus on chapters 1, 2, 3, 6 and 7. CoordinatorDean Pierce Lecture 9: February 7Project Proposals Due ThemeProof Carrying Code I RequiredSuggested papers, to be selected by the presenter: George Necula, Proof Carrying Code, chapter in B. Pierce’s anthology. Necula and Lee, Safe Kernel Extensions Without Run-time checking, OSDI ’96, http://raw.cs.berkeley.edu/Papers/pcc_osdi96.ps Necula and Lee, Proof-Carrying Code, POPL ’97, http://raw.cs.berkeley.edu/Papers/pcc_popl97.ps. Necula and Lee, The Design and Implementation of a Certifying Compiler, PLDI ’98, http://raw.cs.berkeley.edu/Papers/certcomp_pldi98.ps. The PCC web site: http://raw.cs.berkeley.edu/pcc.html CoordinatorZhifei Lecture 10: February 9ThemeProof Carrying Code II RequiredAndrew Appel, Foundational PCC, LICS ’01, http://www.cs.princeton.edu/~appel/papers/fpcc.pdf Xia and Hook, Abstraction Carrying Code CoordinatorAlex Ten Lecture 11: February 14ThemeOperating System Faults via Static Analysis RequiredVarious papers by Engler and others http://www.stanford.edu/~engler/ Please read the following two papers: CoordinatorDean Pierce Lecture 12: February 16Theme:Cyclone Reading:(1) Cyclone: A Safe Dialect of C. Usenix Annual Technical Conference, Monterey, CA, June 2002. http://www.eecs.harvard.edu/~greg/cyclone/papers/cyclone-safety.pdf (2) Cyclone: A Type-Safe Dialect of C. In C/C++ User's Journal, 23(1), January 2005. http://www.eecs.harvard.edu/~greg/papers/cuj.pdf (3) Region-Based Memory Management in Cyclone. ACM Conference on Programming Language Design and Implementation, Berlin, Germany, June 2002. http://www.cs.cornell.edu/Projects/cyclone/papers/cyclone-regions.pdf extended version: http://www.eecs.harvard.edu/~greg/papers/cyclone-regions-tr.pdf
Coordinator:Yang Chen Lecture 13: February 21Dean Pierce will present Cryptol Lecture 14: February 23Presenter: Shahms "Checking System Rules Using System-Specific, Programmer-Written Lecture 15: February 28Theme: Software Fault IsolationOrganizer: KahiroMiSFIT (see above)Lecture 16: March 2Theme: SLAM ProjectOrganizer: Jeffrey Williams1. "The SLAM Project: Debugging System SW via Static Analysis" which is the overview. Web site: http://research.microsoft.com/slam/ Lecture 17: March 7Alex Will present the Singularity paper. Singularity:http://research.microsoft.com/research/pubs/view.aspx?tr_id=989ftp://ftp.research.microsoft.com/pub/tr/TR-2005-135.pdfLecture 18: March 9Projects: 1 & 2 Lecture 19: March 14Projects: 3 & 4 Lecture 20: March 16Project 5 March 21, 17:00,Project Report due Another good paper for next time:Encoding Information Flow in Haskell
|
||