Lecture: 3 hours
Project: 1 hour
Prerequisite: Course ECS 235A; ECS 120 and ECS 150 recommended
Grading: Letter; homework (50%), project (50%)
Theoretical foundations of methods used to protect data in computer and communication systems. Access control matrix and undecidability of security; policies; Bell-LaPadula, Biba, Chinese Wall models; non-interference and non-deducibility; information flow and the confinement problem. Not open for credit to students who have taken course 235.
Introduce definitions of security and relationship of security to policy; foundations, models of confidentiality, integrity, and hybrid models; leaking of information in multilevel models; prevention of inference, deduction; confining information flow; non-lattice policies of information flow; theory of Trojan horses, computer viruses, and computer worms.
Expanded Course Description:
M. Bishop, Computer Security: Art and Science, Addison-Wesley 2003; various papers
Paper surveying a topic in computer security in depth (expected length 20 pages) or a project exploring some aspect of the foundations of computer security. These may be individual or group efforts.
Instructor: M. Bishop
Prepared by: M. Bishop (January 2006)
This course does not overlap with any other course. ECS 153, which mentions one result and gives a very high-level view of some of the models, does not discuss the details of those results, their proofs, or the underlying principles presented in this course, and focuses instead on applications.