CurricuSec: Curriculum Tools for Security
Below we provide a preliminary set of topic ideas to help ground our intentions in a concrete plan for their realization. Our intention is to flesh out all of this material into world-class teaching materials, in keeping with the high standards maintained at CMU/CyLab for such endeavors.
We are partially inspired by the historical development of teaching materials on parallel programming. What was once a niche area only for specialists and cutting edge research is now a part of the basic CS curriculum. We aspire to help to have a similar impact with respect to security – now that the ubiquity of the Internet and financially motivated attackers are here to stay – and emphasize trusted computing technologies in particular.
We hope to make all code developed for laboratory and homework exercises available to other educators. We are in favor of open source but it should not be trivial for students to find the solutions to their assignments.
Preliminary Trusted Computing Curriculum Outline
General Principals of Practical Security
Developing Good Security Judgement, Isolation, Cost/Return
"You aren't cleverer than the rest of the world combined."
How to think about security. Analyze how one's system is going to fail. Identify resources, assets, their value, and the attack surface through which attackers might try to compromise the system. Appreciate the significance of the environment in which their system operates, and do not stare exclusively at the system itself.
Basic security properties: Confidentiality, integrity, authenticity, authorization, non-repudiation, availability
Good crypto hygiene (roles for keys)
IT principles and user principles (e.g., revocation, backup, PII, where is my data?)
History
Many problems in computer security have remained unchanged for decades.
Reference monitor
Rainbow books
Development of today's Trusted Computing efforts
IT experiences
Confidentiality vs integrity, Biba, Chinese wall, etc
Applied Cryptography : Understanding cryptographic tools
Hash functions
Symmetric vs asymmetric cryptography
Key management
"Leave it to the cryptographers" with respect to new algorithms, etc
Threat Analysis : The Critical Analysis of Threats
Common attack types: buffer overflows, return-to-libc, return oritented programming, etc. Possible extension to web technologies.
Dictionary attacks
Data at rest / in motion / in use
Methods of Trusted Execution : Principals of trusting program execution
Break-once run anywhere
Time of check, time of use
Runtime properties vs load-time properties
The value of software identity
Trusted Computing Building Blocks
Hardware roots of trust (TPMs, …), SEDs, Virus Checkers, SCAP, TNC, Smart Cards, TSS
Static vs dynamic root of trust
Device identity
Sealed storage
Integrity measurement
Network access control
Attestation, Event, and Log Analysis, Remediation : Handling Attestations, Events, Logs
Signed code (boot process; applying patches)
Boot process integrity (authenticated boot, sealed storage, etc)
System and network monitoring
Provenance (how to manage third party code in an important system)
Trusted Computing Systems: Different compositions of building blocks, including servers, laptops, mobile, handheld, etc.
TC "in context"
Virtualization
Cloud
Solutions-focused
Certification Strategies : Common Criteria, FIPS, Self-Certification, Industry Standards
Advanced Research Concepts in Trusted Computing : Theory
Sw-based attestation
Property/attribute-based attestation
Laws and regulations
Privacy
Export / import
Project Leads |
Local Support Staff |
| Virgil Gligor, Carnegie Mellon CyLab | Ivan Liang, Carnegie Mellon CyLab |
| Jonathan McCune, Carnegie Mellon CyLab | Nichole Dwyer, Carnegie Mellon CyLab |
Sponsors
CyLab, Intel Corporation
 |
 |