CSE592: Security Policy Frameworks
Fall 2007

Dec 4

Reading. Sotiris Ioannidis, Steven M. Bellovin, John Ioannidis, Angelos D. Keromytis, Kostas G. Anagnostakis, and Jonathan M. Smith. Virtual Private Services: Coordinated Policy Enforcement for Distributed Applications. International Journal of Network Security 4(1):69-80, January 2007.

Reading. Marco Pistoia, Anindya Banerjee, and David A. Naumann. Beyond Stack Inspection: A Unified Access-Control and Information-Flow Security Model. In Proc. 2007 IEEE Symposium on Security and Privacy.

Nov 29

Reading. Li Gong. Sections 1-4 of Java 2 Platform Security Architecture.

Nov 19

Grading. Grading statistics for homework 2 are available on the cse592 home page.

Coming Events. Microsoft Events.

Homework 2 Solution

Nov 13

Jif Example

Reading. Ravi Sandhu, Venkata Bhamidipati and Qamar Munawer. The ARBAC97 Model for Role-Based Administration of Roles. ACM Transactions on Information and Systems Security (TISSEC), Volume 2, Number, February 1999.

Homework 2

Exam. You should bring the following materials to the exam. You may also bring other materials allowed by the Exam policy on the cse592 home page, although I expect they will not be useful.

Oct 23

Reading. Andrew C. Myers and Barbara Liskov. Protecting Privacy using the Decentralized Label Model. ACM Transactions on Software Engineering and Methodology (TOSEM) 9(4):410-442, October 2000.

Oct 22

Coming Events. Polytechnic University's Fourth Annual Cyber Security Awareness Week (CSAW).

Oct 18

Lecture Notes on Revised API for Cassandra.

Oct 17

Lecture Notes on Trust Management.

Oct 15

Reading. Up to (and including) section 3.1 of: Katia Hristova, Tom Rothamel, Yanhong A. Liu, and Scott D. Stoller. Efficient Type Inference for Secure Information Flow. In Proceedings of the 2006 ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS). ACM Press, 2006. This is a revised and extended version of the workshop paper.

Oct 9

Project. The first two paragraphs of the section "CONNECTIONS BETWEEN THE APPLICATION, DBMS, and TRUST MANAGER" should be replaced with the following (the change is to mention persistence layers, such as Hibernate):

Connection between application and DBMS. Application processes access the DBMS using a connector, such as JDBC or ODBC, or a persistence layer, such as Hibernate (http://www.hibernate.org/). Application users may also access the DBMS directly (using a GUI or command-line interface), although they will need to run a process to invoke trust manager functions.

Connection between trust manager and DBMS. The trust manager connects to the DBMS using a connector, such as JDBC or ODBC, or a persistence layer, such as Hibernate. Note that this does not need to be the same kind of connector that application processes use to access the DBMS.

Reading. Sections 1-4 of: Dennis Volpano, Geoffrey Smith, and Cynthia Irvine. A Sound Type System for Secure Flow Analysis. Journal of Computer Security 4(3):167-187, December 1996.

Grading. Grading statistics for homework 1 are available on the cse592 home page.

Project. One more comment regarding the MySQL server in the grad windows lab: the server is accessible from outside the grad windows lab, so the instructions at http://www.cs.sunysb.edu/~gradlab/MySql.html should work from inside or outside the lab.

Oct 8

Project. One more comment regarding the MySQL server in the grad windows lab: if you want to use it, please test whether you can successfully grant privileges from one of your user accounts to another using GRANT commands. If not, the system administrator might need to enable this.

Project. Here is more info related to the trust management project.

MySQL Server is installed on a server in the Grad Windows Lab, and MySQL Query Browser and JDBC are available on the PCs, so you can use MySQL in that lab without installing it in your own account. For details, see http://www.cs.sunysb.edu/~gradlab/MySql.html. If your team is interested in using that MySQL server, let me know, and I will send you a few names and passwords for it. You are not required to use the grad windows lab. If you use your own computer, keep in mind that you do need to demo your system to me at the end of the semester. If you don't have a laptop, you will need to get your system running in the grad windows lab, the CS SINC site, or (as a last resort) on a PC in my lab or office.

Oct 2

Project. Another small change to the project description: I edited the following sentences in the CERTIFICATE FETCHING section, based on the discussion in class today.

The trust manager attempts to determine the home location of a principal from its public-key certificate (an alternative is to look it up in a registry service). Public-key certificates do not contain a standard field for this purpose, but the certificate format is extensible, and an extension field can be used for this purpose. Another option (more of a hack) is for the trust manager to look in the common name (CN) field of the public-key certificate: if the last word (i.e., the suffix starting after the last space) of the common name contains a dot (i.e., a period), then that word is taken to be the principal's home location; it should be a host name or IP address, optionally including a port number (e.g., think.cs.sunysb.edu or 127.0.0.1:2400).
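The CN-suffix convention above, as an added example that is not part of the project description or any project code. The function name home_location_from_cn and the validation rules (IPv4 or DNS-style host labels, port in 1-65535) are my assumptions; the rule itself (last word of the CN, taken only if it contains a dot, optional :port) is the one stated above. Since the trust manager will open a network connection to whatever this returns, the parser rejects malformed values instead of guessing.

```python
import ipaddress
import re
from typing import Optional, Tuple

# Hypothetical helper (added example, not the course project's code).
# Implements the CN "hack": the last whitespace-separated word of the CN is
# the principal's home location if and only if it contains a dot.

# One DNS label: letters/digits, inner hyphens allowed, at most 63 chars.
_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def _valid_host(host: str) -> bool:
    """Accept a dotted IPv4 address or a hostname made of valid DNS labels."""
    if not host or len(host) > 253:
        return False
    try:
        ipaddress.IPv4Address(host)
        return True
    except ValueError:
        pass
    return all(_LABEL.match(label) for label in host.split("."))


def home_location_from_cn(cn: str) -> Optional[Tuple[str, Optional[int]]]:
    """Return (host, port) taken from the CN's last word, or None.

    None means the CN carries no usable home location (no last word, no dot
    in it, or a malformed host/port); the caller should then fall back to an
    extension field or a registry lookup rather than connect anywhere.
    """
    words = cn.split()
    if not words:
        return None
    last = words[-1]
    if "." not in last:
        return None  # rule from the project text: no dot, no home location

    host, sep, port_str = last.rpartition(":")
    if not sep:
        host, port = last, None  # no port given
    else:
        # Port must be all digits and within the valid TCP range.
        if not port_str.isdigit() or not 0 < int(port_str) <= 65535:
            return None
        port = int(port_str)

    if not _valid_host(host):
        return None
    return host, port


if __name__ == "__main__":
    # Constructed sample CNs, not taken from any real certificate.
    for sample in ("Alice Smith think.cs.sunysb.edu",
                   "Alice Smith 127.0.0.1:2400",
                   "Alice Smith",
                   "Bob Jones example.com:70000"):
        print(repr(sample), "->", home_location_from_cn(sample))
```

Run it directly to see the four constructed CNs resolved; the two malformed cases return None so that a trust manager using this helper never dials an address it could not parse cleanly.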

Guest Lecture. On Thursday, Oct 4, at 10am, we will attend Marianne Winslett's guest lecture on trust negotiation in Computer Science 2311, instead of meeting in our usual classroom.

Oct 1

Project. I added an important new item, item (5), under GENERAL INSTRUCTIONS in project-tm.txt. This item applies to all projects done by teams with more than 1 member. Here is a copy of it, for your convenience: Deliverables for each part of the project include: ...

(5) A work breakdown, summarizing each team member's contributions to this part of the project (which parts of the code, documentation, and testcases he or she wrote, debugging effort, etc.). It is expected that each team member contributes equally to the project as a whole (i.e., the sum over all 4 parts). At the end of the semester, if this is not the case, we may adjust each team member's project scores accordingly, based on their overall contribution.

Office Hours. Sorry, I will not be able to hold my regularly scheduled office hours this week. I will be happy to meet people by appointment; call or send email to set a time.

Grading Weights. Grading weights have been added to the bottom of the cse592 home page.

Sep 30

Project. Project details are available on Blackboard. Login, select CSE592, and then select Course Documents.

Exam Dates. To give people more time to work on the project, I propose to cancel the first midterm exam. The remaining midterm exam will be on November 20.

Sep 24

Reading. Moritz Y. Becker and Peter Sewell. Cassandra: Flexible Trust Management, Applied to Electronic Health Records. In Proc. 17th IEEE Computer Security Foundations Workshop (CSFW), 2004.

Sep 20

Exam Dates. I propose to hold the midterm exams on October 11 and November 20. If you see any problems with these dates, let me know as soon as possible. (See new plan in entry for Sep 30.)

Lecture Notes on RBAC.

Exams. I added exam policies in the Policies section on the cse592 home page.

Reading. Sabrina De Capitani di Vimercati, Sushil Jajodia, Stefano Paraboschi, and Pierangela Samarati. Trust Management Services in Relational Databases. In Proc. 2007 ACM Symposium on Information, Computer and Communications Security (ASIACCS).

Reading. Ravi Sandhu, Edward Coyne, Hal Feinstein, and Charles Youman. Role-Based Access Control Models. IEEE Computer 29(2):38-47, February 1996.

Sep 19

Homework 1

Sep 17

Programming Contest. Consider participating in the 2007 Stony Brook ACM Programming Contest. It's fun!

Office Hours. I updated the description of my office hours on the cse592 home page.

Mailing List. If you would like to be on the cse592 mailing list, please send a message with your name and email address to stoller@cs.sunysb.edu.

Sep 4

Reading. If you are not already familiar with the basics of cryptography (shared-key cryptography, public-key cryptography, digital signatures), please read about it. This is background material that we will not cover in lecture. Most security textbooks have a chapter or two about it. For example, chapters 8 and 9 of Matthew Bishop, Introduction to Computer Security (Addison-Wesley, 2004) or chapters 9 and 10 of Matthew Bishop, Computer Security: Art and Science (Addison-Wesley, 2002).

Reading. Read the specified parts of the papers listed under Basics on the cse592 home page.

Questionnaire. If you did not fill out this questionnaire during today's class, please print it, fill it out, and put it in the instructor's mailbox or slip it under his office door.