CIS 700 - Special Topic: Hardware Support for Security
Spring 2005
Email: milom at cis.upenn.edu
Meeting Times and Places
Monday/Wednesday, 12:00-1:20pm
Moore 212
Course Description
This seminar course will survey proposals for expanding the role of
hardware in creating more secure systems. Recent research has
proposed expanding the security role of hardware beyond simply
providing virtual memory and the separation of user and supervisor
modes. Topics covered in this course may include hardware support
for: buffer-overflow prevention, secure information processing,
reducing runtime overheads of secure programming languages, fast
cryptography, fine-grain memory protection, dynamic information flow
tracking, tamper resistant and verified software, remote attestation,
address-space randomization to prevent code injection, hardware-based
virus and intrusion detection, secure cryptographic co-processors, and
various "trusted" computing initiatives.
Coursework will consist mostly of paper reading, analysis, and
in-class discussion. The prerequisites are CIS501 and a desire to
learn more about both security and computer architecture. The course
material should be applicable and accessible to participants from a
range of sub-disciplines including computer architecture, systems
security, distributed systems, compilers, and programming languages.
Course Schedule
Note: Some of the papers linked from this page may only be accessed by hosts in the upenn.edu domain.
- Mon, Jan 10 - Course overview - ppt or pdf
- Wed, Jan 12 - Chapter 1 and Chapter 2 of Anderson's Security Engineering
- Mon, Jan 17 - NO CLASS - MLK Day
- Wed, Jan 19
- Mon, Jan 24
- Building the IBM 4758 Secure Coprocessor by Dyer et al, IEEE Computer, Oct 2001.
- Intel Wireless Trusted Platform: Security for Mobile Devices, 2004.
- Further reading: ABYSS: An Architecture for Software Protection by White and Comerford, IEEE Transactions on Software Engineering, Vol 16, No. 6, June 1990
- Further reading: Using a High-Performance, Programmable Secure Coprocessor by Smith, Palmer, and Weingart, Second International Conference on Financial Cryptography, 1998.
- Wed, Jan 26
- Mon, Jan 31
- Wed, Feb 02
- Mon, Feb 07
- Cyclone: A safe dialect of C by Trevor Jim, Greg Morrisett, Dan Grossman, Michael Hicks, James Cheney, and Yanling Wang. USENIX Annual Technical Conference, pages 275-288, Monterey, CA, June 2002.
- Region-based Memory Management in Cyclone by Dan Grossman, Greg Morrisett, Trevor Jim, Michael Hicks, Yanling Wang, and James Cheney. ACM Conference on Programming Language Design and Implementation, pages 282-293, Berlin, Germany, June, 2002.
- Wed, Feb 09
- Mon, Feb 14 - NO CLASS - HPCA
- Wed, Feb 16 - NO CLASS - HPCA
- Mon, Feb 21
- Wed, Feb 23
- Mon, Feb 28
- Wed, Mar 02
- Mon, Mar 07 - NO CLASS - Spring Break
- Wed, Mar 09 - NO CLASS - Spring Break
- Mon, Mar 14
- Wed, Mar 16
- Mon, Mar 21
- Wed, Mar 23
- Mon, Mar 28
- Architectural Support for Copy and Tamper Resistant Software by David Lie, Chandramohan Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell, and Mark Horowitz, ASPLOS 2000.
- AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing by G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas, ICS 2003.
- Further reading: Caches and Hash Trees for Efficient Memory Integrity Verification by Gassend et al, HPCA 2003.
- Further reading: Certifying Program Execution with Secure Processors by Chen and Morris, 9th Workshop on Hot Topics in Operating Systems (HotOS IX), 2003.
- Wed, Mar 30
- Mon, Apr 04
- Wed, Apr 06
- Mon, Apr 11
- Wed, Apr 13
- Mon, Apr 18
- Wed, Apr 20
Additional Further Reading
- A Secure and Reliable Bootstrap Architecture by Arbaugh et al, IEEE Symposium on Security and Privacy 1997.
- Secure Execution Via Program Shepherding by Kiriansky et al, USENIX Security 2002.
- Mondrian Memory Protection by Witchel et al, ASPLOS 2002.
- High Coverage Detection of Input-Related Security Faults by Larson and Austin, USENIX Security 2003.
- A Practical Dynamic Buffer Overflow Detector by Ruwase and Lam, NDSS 2004.
- Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software by Newsome and Song. NDSS 2004.
- Establishing the Genuinity of Remote Computer Systems by Kennell and Jamieson, USENIX Security Symposium 2003.
- Attestation-based Policy Enforcement for Remote Access by Sailer et al, CCS 2004.
- Side Effects are Not Sufficient to Authenticate Software by Shankar et al, USENIX Security Symposium 2004.
- SWATT: SoftWare-based ATTestation for Embedded Devices by Arvind Seshadri et al, IEEE Symposium on Security and Privacy 2004.
- SAM: A Flexible and Secure Auction Architecture Using Trusted Hardware by Perrig et al, Electronic Journal on E-commerce Tools and Applications, 2001.
- The Magic of RFID by Roy Want, ACM Queue, October 2004.
- Bridging the Gap between TCPA/Palladium and Personal Security, Ahmad-Reza Sadeghi and Christian Stuble.
Recent Additions
- Architecture for Protecting Critical Secrets in Microprocessors by Ruby Lee et al, ISCA 2005.
- High Efficiency Counter Mode Security Architecture via Prediction and Precomputation by Weidong Shi et al, ISCA 2005.
- Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions by G. Edward Suh et al, ISCA 2005.
- InfoShield: A Security Architecture for Protecting Information Usage in Memory by Weidong Shi et al, HPCA 2006.
- Improving Cost, Performance, and Security of Memory Encryption and Authentication by Chenyu Yan et al, ISCA 2006.
- Cell Broadband Engine Processor Security Architecture and Digital Content Protection, Kanna Shimizu et al, MCPS 2006.
- Bounds Checking with Taint-Based Analysis by Weihaw Chuang, Satish Narayanasamy, Brad Calder and Ranjit Jhala, International Conference on High Performance Embedded Architectures & Compilers, January 2007