CSE 290: Schedule and Readings

Date	Topic and reading
Wed., Sep. 28	Introduction Reading: Willis H. Ware et al., Security Controls for Computer Systems, 1970.
Wed., Oct. 5	Multics Reading: Paul A. Karger and Roger R. Schell, Multics Security Evaluation: Vulnerability Analysis, 1974. Paul A. Karger and Roger R. Schell, Thirty Years Later: Lessons from the Multics Security Evaluation, 2002.
Wed., Oct. 12	Confidentiality Reading: David E. Bell and Leonard J. LaPadula, Secure Computer System: Unified Exposition and Multics Interpretation, 1975 (sections I, II, IV only). Clark Weissman, Security Controls in the ADEPT-50 Time-Sharing System, 1969. David E. Bell, Looking Back on the Bell-LaPadula Model, 2005.
Wed., Oct. 19	Operating Systems Reading: Peter G. Neumann and Richard J. Feiertag, PSOS Revisited, 2003. Paul A. Karger, Mary Ellen Zurko, Douglas W. Bonin, Andrew H. Mason, and Clifford E. Kahn, A Retrospective on the VAX VMM Security Kernel, 1991. Steve Lipner, Trent Jaeger, and Mary Ellen Zurko, Lessons from VAX/SVS for High Assurance VM Systems, 2012.
Wed., Oct. 26	The Orange Book Reading: Department of Defense Trusted Computer System Evaluation Criteria 1985. (Focus on chapters 5, 6, and 10.) Steven B. Lipner, The Birth and Death of the Orange Book, 2015.
Wed., Nov. 2	The Orange Book (cont.) Reading: George F. Jelen, Information Security: An Elusive Goal, 1985.
Wed., Nov. 9	SCOMP/STOP Reading: Final Evaluation Report of SCOMP, Secure Communications Processor, STOP Release 2.1, 1985.
Wed., Nov. 16	Covert Channels Reading: Steven B. Lipner, A Comment on the Confinement Problem, 1975. Terry C. Vickers Benzel, Analysis of a Kernel Verification, 1984, section VII. Timothy E. Levin and Albert Yao, Covert Storage Channel Analysis: A Worked Example, 1990 (pp. 23–32 in PDF) John C. Wray, An Analysis of Covert Timing Channels, 1991. Richard A. Kemmerer, A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later, 2002
Wed., Nov. 23	Virtualization Reading: Clark Weissman, Secure Computer Operation with Virtual Machine Partitioning, 1975. Gerald J. Popek and Charles S. Kline, A Verifiable Protection System, 1975. Marvin Shaefer, Barry D. Gold, Richard R. Linde, and John Scheid, Program Confinement in KVM/370, 1977. Barry D. Gold, Richard R. Linde, and Paul F. Cudney, KVM/370 in Retrospect, 1984. (The VAX VMM readings from October 19.)
Wed., Nov. 30	Wrapping Up Reading: David E. Bell, Looking Back: Addendum, 2006. (Mirror.)

CSE 290: Schedule and Readings

Navigation: CSE // CSE 290 // Calendar