CSCI 620 Operating System Security

Spring 2009 - 3 Credits
 

New York Institute of Technology-Amman's Campus

http://www.just.edu.jo/~tawalbeh/nyit/csci620.html


Announcements

  • Schedule and Classroom:  Wed 6:00-9:00 PM. Meeting Room: C103
  • In order to view or print the PDF files, you need Adobe Acrobat Reader. Make sure that you install the most recent version of Acrobat Reader in your computer, otherwise, you may not be able to view or print the documents found on this site.
  • Why should you care about this class? Read this article. (Published in IEEE Computer.)
  • Alice and Bob: Security's inseparable couple.

  • Please read chapter 1 from the text book.

  • Overview and Chapter 2 slides are now posted.

Grades

Grades


 Exams

  • Midterm  Exam: TBA
  • Final Exam: TBA

Homework Assignments

  • TBA

All homework assignments are submitted by email to : tawalbeh@just.edu.jo. Please name your file as your last name followed by homework number, for example, tawalbeh-hw1.pdf.
Also make sure that your name is printed within the homework file. Late HWs are not accepted


Course Plan

Weeks 1, 2: Chapters 1 and 2: Introduction and Basic Concepts Introduction

Weeks 3, 4: Chapter 3: Processes

Weeks 5, 6: Chapter 4: Threads

Weeks 6, 7:  Chapter 10 and 11: File System Interface and Implementation

Week 8: Midterm Exam

Weeks 9, 10:  Chapter 14: Protection

Weeks 12, 13:: Chapter 15: Security

Week 14: Security 1

Week 15: Security 2

Week 16: Final Exam


Catalog Description

In this course students are introduced to advanced concepts in operating systems with emphasis on security. Students will study contemporary operating systems including UNIX and Windows. Topics include the application of policies for security administration, directory services, file system security, audit and logging, cryptographic enabled applications, cryptographic programming interfaces, and operating system integrity verification techniques

Prerequisites:

CSCI 370: introduction to computer networks, CSCI  711—OS I

Topics

  •  Overview of Operating Systems; Multiprogramming Systems; Time-Sharing Systems; Parallel Systems; Distributed Systems; Real-Time Systems; Dual Mode and Protection;  Operating System Services; System Calls; Types of System Calls

 

  • Process Concept; Process States; Context Switch; Process Scheduling; Operation on Processes (creation & Termination).Overview; Multithreading Models; User/Kernel Level Threads; Pthread Library; Threading Issues.

 

  • File System Structure; File System Implementation; Directory Implementation; Allocation Methods; Recovery; Log-Structured File Systems; RAID Structure

 

  • File Protection; Types of Access; Access Lists and Groups; Other Protection Approaches; Recovery; Consistency Checking; Backup and Restore. Unix Security (Password, users, groups, File permissions, Access matrix, Domain protection.

  • Security definitions. Attacks, services and mechanisms. Introduction to Cryptography. Classical cryptosystems. Intrusions: Viruses, worms, and network threats.

 

  • The Security Problem; Authentication; Program Threats; System Threats; Buffer Overflow Problem; Securing Systems and Facilities; Auditing and Logging; Basics of Cryptography, Software Vulnerabilities and Malicious Programs

The Book

  • Silberschatz, Galvin, & Gagne, “Operating System Concepts,” 7th Edition, John Wiley & Sons. Inc.  2005.

References

  • Andrew Tanenbaum, “Modern Operating Systems,” Second Edition, Prentice Hall, 2001, ISBN 0-13-031358-0.

  • Windows ® XP Professional Security, Gary Bahadur, Chris Weber McGraw-Hill, 2002, ISBN: 0072226021.

  •  Linux System Security: The Administrator's Guide to Open Source Security Tools, Scott Mann, Ellen Mitchell, Mitchell Krell, 2nd Edition. Prentice Hall, 2002. ISBN: 0130470112.

 

Grading Plan

  • HW Assignments/Presentations: 20%  
  • Mid Exam: 20 %
  • Final: 50 %

 

Dr. Lo'ai A. Tawalbeh


                                                                          3 Feb 2009