IY5512 Computer Security (Operating Systems)

First term, core module for Technical Pathway only.

Module leader

Chris Mitchell

Aims

This course is concerned with security mechanisms in modern computer systems and will consider:

  • the core concepts: security policies, security models, subjects and objects, and access rights;
  • user authentication, including the use of tokens and biometrics;
  • important access control models and policies;
  • how access control can be implemented in hardware, operating systems and software;
  • how access control is implemented in commercial products;
  • why operating systems and computer systems remain vulnerable to attack, and how vulnerable systems can be strengthened to increase their resistance to attackers.

Objectives

On completion of this course students should be able to:

  • Demonstrate an understanding of the importance of security models with reference to the security of computer systems.
  • Describe the features and security mechanisms that are generally used to implement security policies.
  • Provide examples of the implementation of such features and mechanisms within particular operating systems.
  • Display breadth of knowledge of the security vulnerabilities affecting computer systems.
  • Demonstrate an understanding of the main issues relating to software security in the context of computer systems.

Provisional Syllabus

Concepts and Terminology: security, confidentiality, integrity, availability, reliability, security policies, security models, information flow, access requests, memory protection

Authentication: basic techniques, relevance to access control

Access Control: mandatory and discretionary access control, capabilities, access control lists, intermediate controls, multilevel security.

Security Models: information flow, Bell-LaPadula model, basic security theorem, Chinese Wall model, Clark-Wilson model, role-based access control

Vulnerabilities in Computer Systems: why they exist and how they can be prevented

Software Security: vulnerabilities in C and C++, type safety, type soundness, object-oriented languages, sandboxing, stack inspection

Case Studies: Pentium processor, Unix, Windows, Java Security architecture

Method of examination

Written examination

Main references

  • D. Gollmann, Computer Security, John Wiley & Sons, 2005 (2nd edition).
  • C.P. Pfleeger and S.L. Pfleeger, Security in Computing, Prentice-Hall, 2006 (fourth edition).
  • M. Bishop, Computer Security: Art and Science, Addison Wesley, 2002.

Other references

  • J. O'Gorman, Operating Systems, Palgrave MacMillan, 2000.
  • Internet Security Solutions Inc., Windows 2000 Security Technical Reference, Microsoft Press, 2000.
  • S. Garfinkel and G. Spafford, Practical Unix and Internet Security, O'Reilly, 1996.
  • L. Gong, Inside Java 2 Platform Security, Addison Wesley, 2003.