Venue: NUCES, Peshawar Campus
Semester: Fall 2011
Course Code: CS598
Course Title: Secure Systems
Credits: 3
Contact: (091) 111-128-128 (Ext 133)
Grade Distribution: Assignment (10%), Research Paper (10%), Midterms (30%), Final Exam (50%)
Pre-requisites: CS411 – Network Security

Course Objectives: 

This is a research-oriented course designed to take students who are already well-versed in network security into the domain of research on secure systems. The scope of the course is both theoretical and practical. After successfully completing the course, students should be able to work with industry-standard and cutting-edge security technologies. They should also be able to use their knowledge to further the field of secure systems through research exploration and publication.

Reference Books:

The course follows a research-paper-based review system, which will be discussed as the semester progresses.

Weekly Topic Breakdown: 

  1. Introduction to Large-Scale Secure Systems
    Security in the Industry
    Current Research Directions in Security
    Terminology in Secure Systems
  2. Protocols of Authentication, Authorization and Attestation
    Access Control Mechanisms
    Bell-LaPadula Model
    Role-based Access Control (RBAC)
    Usage Control (UCON)
  3. XACML (eXtensible Access Control Markup Language)
    Fine-grained Control over Authorization
    Cross-Platform Authorization Rules
    RBAC Profile for XACML
    Existing UCON Profiles for XACML
  4. Design Requirements and Current Efforts for a still non-existent UCON profile
    Distributed Attribute Repositories
    Execution and Synchronization Issues
  5. Basic Industry-Standard Identity Management Protocols
  6. Discretionary/Mandatory Access Controls
    Loadable Policy Modules
  7. Introduction to Trusted Computing
  8. Applied Trusted Computing
    Integrity Measurement Architecture
    Rebuilding the Linux Kernel for Integrity Measurement and Reporting
  9. Applied Trusted Computing (contd.)
    Attestation Protocols
    Verification Procedures and Requirements
    Limitations of IMA
  10. Trusted Execution Technology (TXT)
    Latest Trends in TC Research
  11. Federated Identity Management
    Entity (Meta)data Exchange
    Shibboleth Framework
    Service Providers/Identity Providers
  12. State-of-the-art: Combining Federated Identity Management Frameworks with Trusted Computing
  13. Alternative Identity Management Mechanisms
    Keystroke-based Authentication
    Identity Management on Smartphone/Mobile Platforms
  14. Future Directions and Research Topics in Secure Systems
  15. Term Paper Presentations
  16. Term Paper Presentations (contd.)