Jim Hook and Jim Binkley CS 4/591

Spring 2008

Class Mechanics:

Class meets on Tuesday, Thursday, 4:40 - 6:30pm, NH 454.

Hook Office Hours: Tuesday, 1:00 - 3:00pm, FAB 120

Binkley Office Hours: TBA


Lecture Materials:

Prerequisites: CS 333 (operating systems), CS 350 (algorithms).


Class Mailing List

There is a class mailing list, cs591 at cecs dot pdx dot edu. The web interface is:

Please sign up on the list. Critical announcements about class will be made on this list.

Students Requiring Accommodation:
If you are a student with a disability in need of academic accommodations, you should register with Disability Services for Students and notify the instructor immediately to arrange for support services.

Term Paper Assignment

A term paper is due at the beginning of the last lecture. A title, abstract, annotated bibliography, and outline are due the day of the midterm. Assignment details here.

Calendar (with reading assignments):

Lecture 1 (4/1): Introduction and Overview ppt pdf slides pdf handouts

Lecture 2 (4/3): Access Control ppt pdf slides pdf handouts

Lecture 3 (4/8): Policy and Historical notes on Security ppt pdf slides pdf handouts

Lecture 4 (4/10): Bell-La Padula ppt pdf slides pdf handouts

Lecture 5 (4/15): Integrity Models ppt pdf slides pdf handouts

Lecture 6 (4/17): Comments on Identity and Data Mining ppt pdf slides pdf handouts

Lecture 7 (4/22) Confinement and Virtualization [Hook]

Lecture 8 (4/24): Access control and Information flow. ppt
Note: there are a few extra }'s and one slide is repeated. (F07 ppt slides handouts)

Supplementary material:

  1. Denning and Denning, 1977, available from ACM portal.
  2. Vincent Simonet, Flow Caml in a Nutshell.
  3. Flow Caml home page (I got the windows executable to work, but was not successful building the source distribution).
  4. A file derived from the flowcaml tutorial presented in class.

Lecture 9 (4/29) Assurance and Evaluation [Hook] ppt
Includes a guest lecture by Dylan McNamee of Galois, Inc.

Lecture 10 (5/1): Midterm exam. In class. Closed book. Blue book exam.

Hand in annotated bibliography for term paper.

Past study questions and exams are provided below.

Lecture 11 (5/6) Cryptography [Binkley]

Lecture 12 (5/8) Cryptography [Binkley]

Lecture 13 (5/13): Cryptography, Part 2 [Binkley]

Lecture 14 (5/15): Authentication and Design Principles [Binkley]

Lecture 15 (5/20): Malicious Logic [Binkley]

Lecture 16 (5/22): Botnets

Lecture 17 (5/27): Intrusion Detection [Binkley]

Lecture 18 (5/29): Ourmon and Snort; examples of Intrustion Detection; Network Security [Binkley]

Lecture 19 (6/3)) Network Security, continued. [Binkley]

Lecture 20 (6/5) miscellaneous including as time permits:

Final Exam: As published, closed book, no blue book needed.

Additional web resources:

Davis Security Lab Seminal Papers

National Information Assurance Training and Education Center

Bishop's slides by chapter