Operating Systems Security
This lecture gives an introduction to security issues of operating systems and in particular puts the content of the lecture of "Software and Websecurity 1" into a broader context.
After this course, the students are able to
- recognize limitations of classic UNIX security,
- understand security concepts of modern operating systems for desktop and mobile devices,
- evaluate OS configurations from a security perspective,
- identify and apply common attacks against operating systems,
- recognize and utilize standard defense mechanisms.
- Multiuser environments
- Authentication and authorization
- File-access policies
- Memory protection
- Virtualization and related security issues
- Malware and malware detection
- Security-enhanced operating systems (e.g., SE-Linux)
- Operating systems designed for security (e.g, Ethos)
- 16 hours lecture
- 16 hours problem session
- 52 hours individual study period
ExaminationHomework assignments and written exam.
The background from the lectures "Security" and "Network Security" is helpful.
Background from the lecture "Software and Websecurity 1" is highly recommended, but not mandatory.
- General background: "Introduction of Computer Security" by Michael Goodrich and Roberto Tamassia
- "Operating System Security" by Trent Jaeger
- Additional material and lecture slides will be on the course website