Jim Hook's CS 4/591 course materials
Course home page
Additional web resources:
National Information Assurance Training and Education Center
Bishop's slides by chapter
Professor Hook's Lectures:
Lecture 1: Introduction and Overview ppt pdf
- Feldman, Halderman, and Felten, Security Analysis of the Diebold AccuVote-TS Voting Machine, September 2006. link
Lecture 2: Access Control ppt pdf slides pdf handouts
Lecture 3: Policy ppt pdf slides pdf handouts
Lecture 4: Bell-La Padula ppt pdf slides pdf handouts (Download Bishop's slides for Chapter 5)
Lecture 5: Integrity Models ppt pdf slides pdf handouts (Download Bishop's slides for Chapters 6 and 7)
- Brewer and Nash, The Chinese Wall Security Policy, IEEE Symposium on Researchin Security and Privacy, May 1989.
Lecture 6: Information Flow. Download Bishop's slides for Chapter 15
Note: there are a few extra }'s and one slide is repeated.
- Denning and Denning, 1977, available from ACM portal.
- Vincent Simonet, Flow Caml in a Nutshell.
- Flow Caml home page (I got the windows executable to work, but was not successful building the source distribution).
- A file derived from the flowcaml tutorial presented in class.
Lecture 7: Information Flow followup ppt pdf slides pdf handouts. Also: Bishop's chapters 15 and 14.
- Andrei Sabelfeld and Andrew C. Myers, Language-based Information-Flow Security, http://www.cs.cornell.edu/andru/papers/jsac/sm-jsac03.pdf. Pay particular attention to Section III (Basics of Language-based information flow). Figures 2 and 3 were presented in lecture.
- A file illustrating some issues discussed in class in flowcaml.
Lecture 8: Confinement
Lecture 9: Assurance ppt pdf slides pdf handouts (Download Bishop's slides for Chapter 17)
- Reading: Bishop Chapter 17, RA Chapter 23
Lecture 10: Evaluation ppt pdf slides pdf handouts (Download Bishop's slides for Chapter 18)
- Reading: Bishop Chapter 18, RA Chapter 23
- Also discussed data mining, phone records, and surrogate identity because of news relevance
- Gary M. Weiss (2005). Data Mining in Telecommunications. In O. Maimon and L. Rokach(eds.), Data Mining and Knowledge Discovery Handbook: A Complete Guide for Practitioners and Researchers, Kluwer Academic Publishers, 1189-1201. http://storm.cis.fordham.edu/~gweiss/papers/kluwer04-telecom.pdf
- Corinna Cortes, Daryl Pregibon and Chris Volinsky, "Communities of Interest'', The Fourth International Symposium of Intelligent Data Analysis (IDA 2001), 2001. http://homepage.mac.com/corinnacortes/papers/portugal.ps
Lecture 11: Midterm:
- Fall 2006 exam pdf.
- Fall 2006 exam presentation ppt pdf.
- Some new Study Questions for Fall 2006. Some of these questions still need to be refined.
- Spring 2006 Study Questions for midterm (questions 4 and 5 are out of scope for Fall 2006).
- Spring 2006 midterm and grading notes pdf pdf handouts. For Fall 2006 questions 3 and 4 are out of scope (they will be covered by Professor Binkley). Question 10 is on a topic that I forgot to mention in lecture, but I encourage you to review: the chapter on access control mechanisms.
- Fall 2005 midterm and grading notes ppt pdf handouts. For Fall 2006 questions 4, 8, 9 and 10 are not in scope.
- Please bring a "blue book" (available from the bookstore) to the exam
- Please come to the PSU campus location to take the exam.
Remaining lectures will be presented by Professor Binkley