This syllabus is tentative and will undoubtedly continue to change as the quarter progresses. If there is a topic you’re interested in but not shown, please let me know; I may well change things to cover it. All readings are from the text unless otherwise indicated.

Week 1: Dates: Jan 10, 12
Topics: Reference monitor, access control matrix, safety question, take-grant model, SPM
Reading: text, §2, 3–3.4,; Papers: TL13, Z+05
Week 2: Dates: Jan 17, Jan 19
Topics: Expressive power of models, comparing models, security policies
Reading: text, §3.4–3.7, 4; Paper: Bi96
Week 3: Dates: Jan 24, Jan 26
Topics: Confidentiality policies, Bell-LaPadula Model
Reading: text, §5.1–5.2, A; Paper: Sa93
Due: Jan 24: homework 1; Jan 26: project selection
Week 4: Dates: Jan 31, Feb 2
Topics: Tranquility, System Z, assurance overview, assurance in building systems, assurance in design
Reading: text, §5.3–5.6, 19, 20–20.2; Papers: D+06, Mi79
Week 5: Dates: Feb 7, Feb 9     [Note: No class on Feb 9]
Topics: Assurance in implementation, integrity models, Biba, Clark-Wilson, trust models, availability models
Reading: text, §20.2–20.4, 6 (except 6.2), 7–7.2; Papers: J+11, LO10
Due: Feb 7: homework 2
Week 6: Dates: Feb 14, Feb 16
Topics: Availability models, hybrid models, Chinese Wall model, CISS model, ORCON, RBAC, Traducement
Reading: text, §7.3–7.4, 8; Papers: A+10, E+03, WB04
Due: Feb 14: project progress report
Week 7:> Dates: Feb 21, Feb 23
Topics: Basic policy composition, noninterference, unwinding theorem, nondeducibility, restrictiveness
Reading: text, §9; Paper: B+07
Due: Feb 21: homework 3
Week 8: Dates: Feb 28, Mar 2
Topics: Entropy, information flow
Reading: text, §17, C; Paper: SA06
Week 9: Dates: Mar 7, Mar 9
Topics: Principles of secure design, confinement problem, isolation
Reading: §14, 18–18.2; Papers: S+06,KR02
Week 10: Dates: Mar 14, Mar 16     [Note: Mar 16 is last class]
Topics: Covert channel analysis, malware
Reading: §18.3, 23.8; Paper: D+11
Due: Mar 14: homework 4
Mar 24: Due: Completed project due at 10:00am


[A+10]  C. Ardagna, S. di Vimercati, S. Foresti, T. Grandison, S. Jajodia, and P. Samarati, “Access Control for Smarter Healthcare Using Policy Spaces,” Computers & Security 29(8) pp. 848–858 (Nov. 2010).
DOI: 10.1016/j.cose.2010.07.001

[B+07]  M. Backes, M. Dümuth, and D. Unruh, “Information Flow in the Peer-Reviewing Process (Extended Abstract),” Proceedings of the 2007 IEEE Symposium on Security and Privacy pp. 187–191 (May 2007).
DOI: 10.1109/SP.2007.24

[Bi96]   M. Bishop, “Conspiracy and Information Flow in the Take-Grant Protection Model,” Journal of Computer Security 4(4) pp. 331–359 (1996).
DOI: 10.3233/JCS-1996-4404

[D+11]  A. Datta, J. Franklin, D. Garg, L. Jia, and D. Kaynar, “On Adversary Models and Compositional Security,” IEEE Security & Privacy 9(3) pp. 26–32 (May 2011).
DOI: 10.1109/MSP.2010.203

[D+06]  P. Derrin, K. Elphinstone, G. Klein, D. Cock, and M. Chakravaty, “Running the Manual: An Approach to High-assurance Microkernel Development,” Proceedings of the 2006 ACM SIGPLAN Workshop on Haskell pp. 60–71 (Sep. 2006).
2006DOI: 10.1145/1159842.1159850

[E+03]  A. El Kalam, R. El Baida, P. Balbiani, S. Benferhat, F. Cuppens, Y. Deswarte, A. Miège, C. Saurel, and G. Trouessin, “Organization Based Access Control,” Proceedings of the IEEE 4th International Workshop on Policies for Distributed Systems and Networks pp. 120–131 (June 2003).
DOI: 10.1109/POLICY.2003.1206966.

[J+11]   B. Javadi, D. Kondo, J.-M. Vincent, and D. Anderson, “Discovering Statistical Models of Availability in Large Distributed Systems: An Empirical Study of SETI@home,” IEEE Transactions on Parallel and Distributed Systems 22(11) pp. 1896–1903 (Nov. 2011).
DOI: 10.1109/TPDS.2011.50

[KR02] C. Ko and T. Redmond, “Noninterference and Intrusion Detection,” Proceedings of the 2002 IEEE Symposium on Security and Privacy pp. 177–187 (May 2002).
DOI: 10.1109/SECPRI.2002.1004370

[LO10]  G. Loukas and G. Öke, “Protection Against Denial of Service Attacks: A Survey,” The Computer Journal 53(7) pp. 1020–1037 (2010).
DOI: 10.1093/comjnl/bxp078

[Mi79]  J. Millen, “Operating System Security Verification,” MITRE Corp., Bedford, MA (1979).

[S+06]  G. Shah, A. Molna, and M. Blaze, “Keyboards and Covert Channels,” Proceedings of the 15th USENIX Security Symposium pp. 59–78 (Aug. 2006).

[Sa93]  R. Sandhu, “Lattice-Based Access Control Models,” IEEE Computer 26(11) pp. 9–19 (Nov. 1993).
DOI: 10.1109/2.241422

[SA06]  J. Soon and J. Alves-Foss, “Covert Timing Channel Analysis of Rate Monotonic Real-Time Scheduling Algorithm in MLS Systems,” Proceedings of the 2006 IEEE Information Assurance Workshop pp. 361–368 (June 2006).
DOI: 10.1109/IAW.2006.1652117

[TL13]  M. Tripunitara and N. Li, “The Foundational Work of Harrison-Ruzzo-Ullman Revisited,” IEEE Transactions on Dependable and Secure Computing 10(1) pp. 28–39 (Jan. 2011).
DOI: 10.1109/TDSC.2012.77

[WB04] T. Walcott and M. Bishop, “Traducement: A Model for Record Security,” ACM Transactions on Information and System Security 7(4) pp. 576–590 (Nov. 2004).
DOI: 10.1145/1042031.1042035

[Z+05]  X. Zhang, Y. Li, and D. Nalla, “An Attribute-Based Access Matrix Model,” Proceedings of the 2005 ACM Symposium on Applied Computing pp. 359–363 (Mar. 2005).
DOI: 10.1145/1066677.1066760

UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
ECS 235B, Foundations of Computer and Information Security
Version of January 5, 2023 at 7:00PM

You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh