252-1414-00L System Security
Semester | Autumn Semester 2017 |
Lecturers | S. Capkun, A. Perrig |
Periodicity | yearly recurring course |
Language of instruction | English |
Courses
Number | Title | Hours | Lecturers | ||||
---|---|---|---|---|---|---|---|
252-1414-00 V | System Security | 2 hrs |
| S. Capkun, A. Perrig | |||
252-1414-00 U | System Security | 2 hrs |
| S. Capkun, A. Perrig |
Catalogue data
Abstract | The first part of the lecture covers individual system aspects starting with tamperproof or tamper-resistant hardware in general over operating system related security mechanisms to application software systems, such as host based intrusion detection systems. In the second part, the focus is on system design and methodologies for building secure systems. |
Learning objective | In this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems, and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met. |
Content | The first part of the lecture covers individual system's aspects starting with tamperproof or tamperresistant hardware in general over operating system related security mechanisms to application software systems such as host based intrusion detetction systems. The main topics covered are: tamper resistant hardware, CPU support for security, protection mechanisms in the kernel, file system security (permissions / ACLs / network filesystem issues), IPC Security, mechanisms in more modern OS, such as Capabilities and Zones, Libraries and Software tools for security assurance, etc. In the second part, the focus is on system design and methodologies for building secure systems. Topics include: patch management, common software faults (buffer overflows, etc.), writing secure software (design, architecture, QA, testing), compiler-supported security, language-supported security, logging and auditing (BSM audit, dtrace, ...), cryptographic support, and trustworthy computing (TCG, SGX). Along the lectures, model cases will be elaborated and evaluated in the exercises. |
Performance assessment
Performance assessment information (valid until the course unit is held again) | |
Performance assessment as a semester course | |
ECTS credits | 5 credits |
Examiners | S. Capkun, A. Perrig |
Type | session examination |
Language of examination | English |
Repetition | The performance assessment is only offered in the session after the course unit. Repetition only possible after re-enrolling. |
Mode of examination | written 90 minutes |
Additional information on mode of examination | Grading: 20% exercises and related reports, 80% final exam. |
Written aids | Keine |
This information can be updated until the beginning of the semester; information on the examination timetable is binding. |
Learning materials
Main link | Course Webpage |
Only public learning materials are listed. |
Groups
No information on groups available. |
Restrictions
There are no additional restrictions for the registration. |