Logistics and Ch 1 slides

Lecture 1: Introduction
Fred Chong
CS290N Architectural Support for
Secure and Reliable Computing
Description
• This course will examine architectural designs
and mechanisms that enhance the security
and reliability of computing systems. The
course will initially cover the basic properties
and building blocks of secure and reliable
systems from an architect's perspective. Then
we will survey the state of the art. Students
will pursue an in-depth class research project
relating to the topics covered.
Logistics
• Time: TR 9-10:50
• Room: Phelps 2510
• Instructor: Prof. Fred Chong; office hours by appointment; Eng I 5163
• Textbook: Security Basics for Computer Architects, by Ruby B.
Lee. (should be free from a UCSB machine)
• http://www.cs.ucsb.edu/~chong/290N/
• No class: 5/20,22
Deadlines
• Project Proposal due 4/15
• Project Drafts due 5/20
• Project final papers due 6/6
Grading
• Problem Sets 15%
• Discussion Topic 25%
• Project Proposals and Drafts 20%
• Project Final Report 40%
Problem Sets
• For each assigned paper, write up the
following and e-mail me a copy before class:
– A summary of the main points of the paper.
– A critique of any shortcomings of the paper.
– Any ideas on how one would extend the ideas in
the paper or address its shortcomings.
Leading Discussion
• Assign a paper for the class to read, one week
before your discussion day.
• Present the paper and supplemental material
on your assigned day. Lead discussion, with
my help, on the subject.
Project Paper
• The project has two goals:
– A critique of 3-5 related research papers. This is not a book
report. Do not just summarize what is in the papers. Point
out shortcomings and possible areas for extension.
– Extension of the area. Address shortcomings or extend the
work in the papers. Come up with some ideas and test
them with a short project. This can be in the form of some
simple analysis, simulations, algorithms, or models.
Remember to pick something that will fit in a quarter.
• Example project paper:
– http://www.cs.ucsb.edu/~chong/ftchong-area.ps
• Textbook: Security Basics for Computer
Architects, by Ruby B. Lee. (should be free
from a UCSB machine)
• Synthesis Lecture
– Short, geared towards researchers
Security Properties
• Reliability is related to Security
• Sometimes termed together as “Trustworthy
Systems”
Access Control
Forensic Properties
Individual Properties
Trustworthy vs Trusted
• Secure Computer System
– Ideally provides Integrity, Confidentiality, Availability
• Trustworthy Computer
– Designed to be dependable and provide security properties
• Trusted Computer
– Security depends upon this machine and all bets are off if it is
compromised
• Trusted Computing Base
– All hw and sw that must be trusted
– No commodity systems form a dependable trusted computing
base
– TCM (Trusted Computing Module) – a piece that can be trusted
Attacks by Property
Attacks by Modality
Remote vs Physical Access
• Remote Intrusion
• Physical Access
– Software attacks
– Passive electro-magnetic, thermal observation
– Physical tampering
• Memory bus probes
• Exposing the chip die
Security Architecture Design Methodology
“Lee’s Mantra”
Reading
• Ch 1 and 2 of Lee’s book
Example: Minos and DACODA
• Defense against remote intrusions
• Control-flow hijacking
– Buffer-overflow attacks
• Signature-based defenses
• Zero-Day Attacks