Instructor: Martín Abadi
Time: TTh
Location: Soc Sci 2 159
Introduction (April 4).
Basics (April 4).
Policies, mechanisms, and assurance (April 6).
Mechanisms (access control), with a visit by Mike Schroeder (starting April 11).
Assurance (April 18).
Security in programming languages (starting April 18).
Guest lecture by Úlfar Erlingsson: Vulnerabililities, exploits, and attacks (April 27).
Cryptography (starting May 2).
Guest lecture by Ilya Mironov on hash functions (May 9).
Security protocols (starting May 11). More on SSL. Security protocols and specifications. Formal methods for security protocols. The applied pi calculus.. Automated protocol analysis, with a guest presentation/demo by Bruno Blanchet. Design principles. Two concepts of authenticity. User authentication. Public-key infrastructures. ... and the last homework set (for June 1).
Network security (assorted topics); fighting spam and other petty abuses (May 30). Guest lecture by Brian Hernacki: Virus-antivirus co-evolution (June 1). (Brian also talked about worms, more briefly.) Guest lecture by Monica Chew on phishing (June 6).Credits: bubble diagram of the access-control model from a joint paper with Butler Lampson et al.; access matrix from Fred Schneider; a diagram on a buffer overflow from Ethan Miller; diagrams on PCC derived from some by George Necula; some of the slides on SSL loosely based on Ethan Miller's (and that was based on David Evans's); some of the slides on network security based on some from Avi Rubin