Jim Hook CS 4/591

Winter 2012

Class Mechanics:

Class meets on Tuesday, Thursday, 4:40 -- 6:30pm, FAB 40-07.

Hook Office Hours: Wednesdays, 2-4pm (no arrivals after 3:30 please) or by appointment, FAB 120-05.



Prerequisites: CS 333 (operating systems), CS 350 (algorithms).


Class Mailing List

There is a class mailing list, cs591 at cecs dot pdx dot edu. The web interface is:

Warning: In the mailing list confirmation protocol your password will be sent back to you in plain text!

Please sign up on the list. Critical announcements about class will be made on this list.

Students Requiring Accommodation

If you are a student with a disability in need of academic accommodations, you should register with Disability Services for Students and notify the instructor immediately to arrange for support services.

Term Paper Assignment

A term paper is due at the beginning of the last lecture. A title, abstract, annotated bibliography, and outline are due the day of the midterm. Assignment details here.

Calendar with reading assignments, subject to change:

Lecture 1 (1/10): Syllabus, Expectations, Overview, Usability (slides; handouts)

Lecture 2 (1/12): Usability, Social Context (slides)

Lecture 3 (1/17): Electronic Voting and Access Control (slides)

Lecture 4 (1/19): Access Control Policies: Bell-LaPadula and Biba (slides)

Lecture 5 (1/24): Cryptographic Concepts: Definitions, Basic Concepts, Properties pptx

Lecture 6 (1/26): Cryptographic Concepts: Asymmetric Crypto, Applications pptx

Lecture 7 (1/31): More Crypto pptx

Lecture 8: (2/2): Multilateral Security and Integrity pptx

Lecture 9 (2/7): Integrity, Fraud, Identity and Data Mining pptx

Lecture 10 (2/9): Midterm exam

Lecture 11 (2/14): Network Attack and Defense 1 pptx

Lecture 12 (2/16): Network Attack and Defense 2 pptx JRB botnets (password required)

Lecture 13 (2/21): Information Warfare pptx

Lecture 14 (2/23): Telecom Security, Data Mining pptx

Lecture 15 (2/28) Information flow pptx

Supplementary material:

  1. Denning and Denning, 1977, available from ACM portal.
  2. Vincent Simonet, Flow Caml in a Nutshell.
  3. Flow Caml home page (I got the windows executable to work, but was not successful building the source distribution).
  4. A file derived from the flowcaml tutorial presented in class

Lecture 16 (3/1): Design Principles pptx

Lecture 17 (3/6): Android Security research at Galois, Dave Archer, guest lecture

Supplementary material:

  1. Approaches to securing apps on Android:
    - www.cs.umd.edu/~avik/papers/scandroidascaa.pdf
    - www.usenix.org/event/osdi10/tech/full_papers/Enck.pdf
  2. Separation kernels: www.csl.sri.com/papers/sosp81/sosp81.pdf

Lecture 18 (3/8): Evaluation and Assurance pptx

Lecture 19 (3/13): Student paper presentations pptx

Lecture 20 (3/15): Review. Term papers due. pptx


Final Exam: 20 March, 5:30 to 7:20pm, closed book, blue book exam.