Course Description
==================

Software Security is an "emergent property" of a software system that is difficult to define. Software security goes beyond software correctness and also beyond cryptographic and network security.

Software Security is a moving target that requires frequent attention to address the current risks in using a software system. The risks change as government laws and the cleverness of intruders change. New programming technologies give rise to better ways of protecting software systems, but they also give intruders new tools to attack systems. We have lived in homes for thousands of years, but we are still concerned with security, and there are many home security systems for sale. The same will apply to software security: it will be an ongoing concern.

There are interesting trade-offs between the cost of a software system, its use, and its security. Higher security means higher design cost and higher cost of use. Security can also be traded against other properties that people value. Consider anti-lock brakes. They were intended to make driving safer. But people have decided to trade time for security and instead drive faster and closer to the car in front of them. Therefore the accident rates have not changed much. [Felten]

In this course we will cover important issues of software security. The focus is on what can go wrong in programs and how we can prevent or detect it. Therefore, we will study programs and classify them as good or bad. There are commercial services available that sell their security analysis skills.

We will explore techniques to enforce security policies as a program executes. Having a set of dynamically enforced security policies makes it harder for intruders because they also must follow those policies.

Grading
=======

Homeworks 20%
Project 30%
Midterm 20%
Final 30%

Syllabus
========

1. Week: September 13
   Jeanette Wing: A call to Action: lectures/Software Security Wing.ppt
   From the text book: lectures/Software Security.ppt
   Software Security Summer School 2004 Principles of System Security Myers, Cornell: security properties, security mechanisms, information flow security lectures/myers.pdf

2. Week: September 20
   Security Policies: Binder
   Software security: The Achilles' Heel of Cyberdefense lectures/cd-Exploting_Software.pdf (McGraw/Hoglund)
   Best practices of Software Security lectures/Software_Security.pdf (McGraw)

3. Week: Sep. 27
   Formal Framework for Reasoning about Access Control Models
   Using AspectJ for statically checking security policies

4. Week: Oct. 4

5. Week: Oct. 18

6. Week: Oct. 25
   MIDTERM
   The midterm will cover the topics covered in the assignments,

7. Week: Nov. 1

8. Week: Nov. 8

9. Week: Nov. 15

10. Week: Nov. 22

11. Week: Nov. 29

12. Week: Dec. 6

13. Week: Dec. 13
    FINAL EXAM