Course Description:
High-consequence applications, such as those for critical infrastructure, require highly reliable, trusted systems to assure the required availability of processing, and to assure the required confidentiality and integrity of information and processing, even if some parts of the system have high exposure to the adversary. Hardware and software design techniques for these Trusted Systems must evolve and advance as the sophistication of the cyber adversary also advances. This course conveys a methodology for the development of trusted systems in which the adversary is considered "part of the system".
Trusted Systems lie at the core of secure systems. A detailed understanding of the design, analysis and implementation of trusted systems is essential for the development of secure information systems. This course provides an overview of computer security, including an analysis of what computer security is, why systems are not secure, and the general concepts and design techniques applicable to the design of hardware and software. It examines in detail: the principles of a security architecture, access control, policy and the threat of malicious code; the considerations of trusted system implementation, including hardware security mechanisms, security models, security kernels, and architectural alternatives; the related assurance measures associated with trusted systems, including documentation, formal specification and verification, and testing; and approaches that extend the trusted system into applications such as databases and into networks and distributed systems.
This course is intended for graduate students with the following qualifications: typically a background in computer science, mathematics, computer engineering, or informatics; advanced knowledge of computer architecture, operating systems, and communications networks will be valuable.
This class will be primarily individual study, with weekly assigned readings, six homework assignments, one take-home quiz, one project, a midterm and a final. The course will also have five laboratory assignments, which will be separate from the lecture period and performed outside of class time. Each lab assignment will take multiple sessions to complete (a session is defined as approximately two hours). Students may work in teams on the lab assignments, and for some labs teams may be assigned.
Objectives:
Students will have ten learning objectives for the course, and five application-centric objectives:
Learning Objectives:
1. Understand the fundamental issues that motivate computer security, including the motivating threat and the impediments.
2. Understand the technical basis for the development of trust in computer systems.
3. Understand the relationship between trust and policy in trusted computer systems.
4. Understand in depth the techniques and approaches for designing trusted technology in computer systems.
5. Understand the relationship and dependencies between the underlying hardware and the trusted technologies that can be built on that hardware.
6. Understand and be able to apply the fundamental design considerations for trusted systems.
7. Understand in detail the concepts of the reference monitor and the nature of the root of trust provided by cryptographic attestation.
8. Understand the architectural issues that are essential to the implementation of trusted technology.
9. Understand the processes for specification of trusted systems and how that specification relates to the sufficiency of trusted technology.
10. Understand the extension of the trust model into trusted applications.
Application Objectives:
1. Methods of Authentication
2. Methods of Inspection
3. Awareness and Protection
4. Public Key Infrastructure and Distribution Models
5. Logical Security Controls