CS 590U

Access Control: Theory and Practice

Spring 2006

Syllabus

    

Back to course homepage

Reference Books:

Chapters of the following books are useful for the course.  The first one is available on the Web.  Required readings from the other books will be handed out in class.  The Amoroso book and the Anderson book have been placed under reservation in the Math&CS library. 

  • Morrie Gasser: (available online) Building A Secure Computer System.  Van Nostrand Reinhold Co., 1988.
  • Ross Anderson: Security engineering : a guide to building dependable distributed systems.  Wiley, 2001.
  • Dieter Gollmann: Computer Security.  Wiley, 1999.

 

Date Topic Readings Before Each Lecture
Introduction
Tue Jan 10
  • Introduction to the course
  • Slides

 

Thu Jan 12
  • Access control matrices
  • Partial order
  • State transition systems
  • Slides
  • HW1

Mandatory Access Control for Confidentiality

Tue Jan 17

 

  • The Bell-LaPadula model
  • Slides
  • Note on BLP  (Handout)
Thu Jan 19

 

  • The Bell-LaPadula model (continued)
  • (No new slides)

 

Tue Jan 24
  • Noninterference
  • Nondeducability
  • Slides

 

 

Thu Jan 26

 

  • The Lattice Model of Information Flow
  • The confinement problem
  • Covert channels
  • Slides
  • HW2

 

 

Integrity

Tue Jan 31

 

  • The Biba integrity model
  • Slides
 
Thu Feb 2

 

  • Clark-Wilson model
  • The Chinese Wall policy
  • Slides

 

Discretionary Access Control and Safety Analysis

Tue Feb 7
  • The Graham-Denning
  • The HRU scheme
  • Slides
Thu Feb 9
  • Class cancelled for distinguished lecture by Prof. David Patterson
 
Tue Feb 14

 

  • Safety analysis in HRU
  • Slides
Thu Feb 16
  • Safety analysis revisited
  • Slides
DeMillo book:
  • R.S. Fabry: "One Perspective on the Results about the Decidability of System Safety".   (Handout)
  • A.K. Jones: "Protection Mechanism Models: Their Usefulness"   (Handout)

 

Tue Feb 21
  • Overview of project topics
  • No slides
 

 

Role-Based Access Control (RBAC)

Thu Feb 23

 

  • RBAC96
  • NIST RBAC Standard
  • Slides

 

Tue Feb 28
  • Separation of Duty in RBAC
  • Slides
Thu Mar 2

 

  • Constraint Generation in RBAC
  • Slides

Operating System Access Control

Tue Mar 7

 

  • Unix Access Control: ACL & setuid
  • Slides
Thu Mar 9
  • Unix Access Control: Confining Programs, chroot, jail, and DTE
  • Slides
Tue Mar 21

 

Trust Management and Automated Trust Negotiation

Thu Mar 23
  • Basics of Logic & Logic Programming
  • Slides
  • U. Nilsson and J. Maluszynski: Logic, Programming and Prolog
Tue Mar 28
  • Guest Lecture by Jiangtao Li: Automated Trust Negotiation Using OACerts

    Slides

 
 

Thu  Mar 30

  • Overview of Trust Management
  • SDSI
  • Slides

 

Tue Apr 4

 

  • Continue previous lecture
  • No new slides
 
 

Thu Apr 6

  • Cancelled for Dorothy Denning's talk
 
Tue Apr 11

 

 

 
Thu Apr 13

 

 
Project Presentations
Tue Apr 18
  • Isuru
  • Yipeng
 
Thu Apr 20
  • Wonjun
  • Tiancheng
 
Tue Apr 25
  • Qun
  • Ziqing
 
Thu Apr 27
  • Jing
  • Hong