CSE544 - Advanced Systems Security - Fall 2009

Instructor Trent Jaeger (tjaeger 'at' cse.psu.edu)
Location 333 IST
Meeting Times TuTh 1-2:15 333 IST
Credits 3
Office Hours Prof. Jaeger, 346A IST: Tu 4-5 and W 1-2 or by appointment


In this course, we study research in computer and operating systems (host) security. The main focus of this course is the design of authorization systems and their application to host security. The course aims to provide foundations of authorization systems, approaches for designing effective systems, and tools and techniques for detecting problems in conventional systems and repairing such problems.

Topics will include protection systems, basic security principles, seminal security in Multics, vulnerabilities in ordinary systems, mandatory access control, security kernels, commercial MAC systems, secure capability systems, virtual machine systems, assurance, research in system integrity, dencentralized information flow, and distributed systems security. We will work from my book on operating systems security, and augment the text with research papers, some classical and some recent. There will also be three to four programming projects to explore the technological issues in the context of the Linux operating system (some involving kernel programming).

A detailed list of a lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course calendar.


The course will be graded on programming projects, exams, occasional quizzes, and class participation in the following proportions:

30% Programming Projects (3-4)
25% Midterm Exam
25% Final Exam
10% Quizzes and Other Projects
10% Class Participation

Programming Projects

This course will have three or four programming projects aimed at giving you some hands-on experience with mandatory access control systems in Linux (e.g., Linux Security Modules and SELinux). These projects aim to give you a familiarity with the current practice of security operating systems. Some of the projects will involve kernel programming. For this, I expect you to install a VMware system (university has a license) and a Linux environment for performing kernel development.

Grades will be based on the factors specific to each project.


This course will have midterm and final exams. The midterm will cover core background in systems security, including the book and related papers. This midterm will be a take-home midterm. The final exam will be comprehensive, and will be given in class.


Quizzes will be given at the beginning of class and will cover topics from the prior lectures and readings. Quizzes will be announced in advance. Quizzes missed because of absences cannot be made up unless arrangements are made with the instructor prior to the course meeting.

Class Participation

Class participation focuses on the readings assigned for the class. During the lecture, we will discuss the readings, and students are required to participate in discussions during each lecture. It is strongly suggested that students do the reading prior to this class. Ultimately, the students' ability to exhibit comprehension of readings is essential to a good grade.

Lateness Policy

All milestones are assesed a 20% per-day late penalty, up to a maximum of 4 days. Unless the problem is apocalyptic, don't give me excuses. Students with legitmate reasons who contact the professor before the deadline may apply for an extension.

Required Texts

Most of the course readings will come from the following required textbook:

However, we will also read some research papers to supplement our discussions. The specific papers will be posted on the course calendar.

Course Outline

A rough outline of the class is as follows:

  1. Introduction
    1. Course background
    2. OS and Security
    3. Protection
    4. Security Principles
  2. Intro to Protection and Security in Systems
    1. Multics
    2. Vulnerabilities in Multics
    3. Protection in Ordinary OSes
    4. Vulnerabilities in Ordinary OSes
  3. Mandatory Access Control
    1. Mandatory Access Control Models
    2. Security Kernels
    3. Secure UNIX
    4. MAC OS -- SELinux
  4. Other Systems
    1. Decentralized Information Flow
    2. Capability Systems
    3. Virtual Machines Systems
  5. Assurance
    1. Classical Assurance
    2. Alternative Integrity
    3. Layering of Systems
  6. Special Topics
    1. Trusted Computing
    2. Device Security
    3. Storage Security
    4. Web System Security

Ethics Statement

This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.

When in doubt, please contact the instructor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from Professor Jaeger.

CSE 544 - Fall 2009

Last modified: Tu Aug 15 12:34:04 EDT 2009