Operating System Security

Teaching goals

Operating systems are building blocks for information systems that implement many security concepts and provide essential security features. The goal of the course is to provide both theoretical and practical keys to study these security properties in Linux-based systems and Windows systems. This course is equally composed of lectures and lab sessions.

Course description

Trusted computing concepts
Booting process security
Authentication
Access control and information flow control
Data protection (confidentiality and integrity)
Kernel security mechanisms
Virtualization-based isolation mechanisms
Container-based isolation mechanisms
System hardening and security automation

Keywords

Authentication, access control, kernel, data encryption, security boundary, LSM, virtualization, container.

Prerequisite

cryptography (encryption, hash functions)
operating system internals (userspace vs kernelspace, process, memory management, IO) and relationship with hardware architecture
C language programming (basic skills)
TCP/IP networks (basic skills)
Comfortable with UNIX/Linux (CLI) and Windows (GUI)

Bibliography

Security Engineering: A guide to building dependable distributed systems (3rd edition), by Ross J. Anderson, 2020
Windows Internals, Part 1: System architecture, processes, threads, memory management, and more (7th Edition), by Pavel Yosifovich, Alex Ionescu Mark E. Russinovich and David A. Solomon, 2017

Biography

Mickaël Gallier has an engineering degree in information technology (major in systems and networks). He started his career at the Ministry of Defense in 2000 as a developer and system administrator. From 2009 to 2014 he worked as an engineer in information system security using his technical expertise as a consultant and project manager. He joined the DGA Information Master’s cybersecurity division in 2014 and has been in charge of a cybersecurity laboratory since 2015. The laboratory’s activities focus in particular on securing system architectures, evaluating security products, and publishing ministerial reference documents (ex: security guides). In 2018 and 2019 he was a part of France’s Blue Team in NATO’s “Locked Shields” exercise. He regularly attends conferences on cybersecurity (SSTIC, BruCON, HIP, HES, C&ESR) and supervises students (apprentices and trainees). He has also contributed to the improvement of open-source products by identifying vulnerabilities (ex: CVE-2014-7811).

> Study year: M2 Computer Science, cybersecurity track

> 3 ECTS

> Professor: Mickaël Gallier

> Teaching Language: French

> Administrative code: SSE

There were many key moments during my studies and one of them was the privacy course in the final year of my Master's. The teacher was great and the case studies and practicals really helped me to understand the importance of privacy in our daily lives, and it’s still a hot topic today.

Karim Chahal

Master’s in Computer Science, Cybersecurity track, graduated in 2015