Operating Systems Security

Introduction

This lecture gives an introduction to security issues of operating systems and in particular puts the content of the lecture of "Software and Websecurity 1"  into a broader context.

Objectives

After this course, the students are able to

  • recognize limitations of classic UNIX security,
  • understand security concepts of modern operating systems for desktop and mobile devices,
  • evaluate OS configurations from a security perspective,
  • identify and apply common attacks against operating systems,
  • recognize and utilize standard defense mechanisms.

Subjects

  • Multiuser environments
  • Authentication and authorization
  • File-access policies
  • Memory protection
  • Virtualization and related security issues
  • Malware and malware detection
  • Security-enhanced operating systems (e.g., SE-Linux)
  • Operating systems designed for security (e.g, Ethos)

Teaching methods

  • 16 hours lecture
  • 16 hours problem session
  • 52 hours individual study period

Examination

Homework assignments and written exam.

Pre-requisites

The background from the lectures "Security" and "Network Security" is helpful.

Background from the lecture "Software and Websecurity 1" is highly recommended, but not mandatory.

Literature

  • General background: "Introduction of Computer Security" by Michael Goodrich and Roberto Tamassia
  • "Operating System Security" by Trent Jaeger
  • Additional material and lecture slides will be on the course website

Website


Course ID
NWI-IBC034
Credits
3 ec
Scheduled
second quarter

Lecturers

Included in