System Security
Teaching goals
- Understand the principles of securing a computer system.
- Have knowledge of security policies and mechanisms in operating systems.
- Perform various hand-on labs.
- Present a scientific paper in computer security.
Course description
Operating systems provide the fundamental mechanisms for securing computer processing. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this course, we examine what it takes to build a secure operating system, and explore the major systems development approaches that have been applied towards building secure operating systems. This journey has several goals: access control, file systems encryption, and isolation. Moreover, the students will get various hand-on experiences with common Unix configurations.
Course content
- Authentication and PAM module.
- File systems.
- Advanced access control.
- Capabilities and Mandatory Access Control.
- Files encryption, system calls and isolation.
Keywords
DAC, SELinux, Capability, FDE, Syscalls.
Prerequisite
Introduction to UNIX.
Bibliography
- Operating System Security, by Trent Jaeger, 2008
- Computer Security Principles and Practice (4th edition), by William Stallings and Lawrie Brown, 2017
- Computer Systems: A Programmer’s Perspective (3rd edition), by Randal E. Bryant and David R. O’Hallaron, 2016
- Introduction of Computer Security, by Michael T. Goodrich and Roberto Tamassia, 2011
Biography
Mohamed Sabt is a full professor at the University of Rennes. Mohamed Sabt’s research focuses on:
- Identification of flaws inside the design of security protocols as well as their implementations,
- Smartphones security, Secure Elements (SE), and Trusted Execution Environment (TEE),
- Digital Rights Management (DRM).
Mohamed Sabt carries out his research within the SPICY Team at IRISA.