Syllabus

This syllabus is tentative and will undoubtedly continue to change as the quarter progresses. If there is a topic you’re interested in but not shown, please let me know; I may well change things to cover it. All readings are from the text unless otherwise indicated.

Week 1: Dates: Mar 31, Apr 2, 4
Topics: Reference monitor, access control matrix, safety question, take-grant model, SPM
Reading: text, §2, 3–3.4, 20.1.2.2; Papers: TL13, Z+05
Week 2: Dates: Apr 7, 9, 11     [Note: No class on Apr 9]
Topics: Expressive power of models, comparing models, security policies
Reading: text, §3.4–3.7, 4; Paper: Bi96
Week 3: Dates: Apr 14, 16, 18
Topics: Confidentiality policies, Bell-LaPadula Model, Tranquility, System Z, integrity models, Biba, Clark-Wilson
Reading: text, §5, 6.1–6.2, 6.4, A; Paper: Sa93
Due: Apr 14: homework 1; Apr 16: project selection
Week 4: Dates: Apr 21, 23, 25
Topics: Trust models, availability models, hybrid models, Chinese Wall model, CISS model, ORCON
Reading: text, §6.5, 7, 8.1–8.3; Papers: A+10, J+11, LO10
Week 5: Dates: Apr 28, 30, May 2
Topics: RBAC, break-the-glass policies, traducement, basic policy composition, noninterference
Reading: text, §8.4–8.5, 9.1–9.2; Papers: E+03, KR02, WB04
Due: Apr 28: homework 2
Week 6: Dates: May 5, 7, 9
Topics: Noninterference, unwinding theorem, nondeducibility, restrictiveness
Reading: text, §7.3–7.4, 8; Papers: A+10, D+11, E+03, WB04
Due: May 7: project progress report
Week 7: Dates: May 12, 14, 16
Topics: Assurance overview, assurance in building systems, assurance in design
Reading: text, §9; Paper: B+07
Due: May 12: homework 3
Week 8: Dates: May 19, 21, 23     [Note: No class this week]
Topics: Entropy, information flow
Reading: text, §17, C; Papers: B+07, SA06
Week 9: Dates: May 26, 28, 30     [Note: May 26 is a University holiday]
Topics: Principles of secure design, confinement problem, isolation
Reading: §14, 18–18.2; Papers: S+06, KR02
Week 10: Dates: Jun 2, 4
Topics: Covert channel analysis, malware
Reading: §18.3, 23.8
Due: Jun 4: homework 4
Jun 6: Due: Completed project due at 3:00pm


Papers

A+10
C. Ardagna, S. di Vimercati, S. Foresti, T. Grandison, S. Jajodia, and P. Samarati, “Access Control for Smarter Healthcare Using Policy Spaces,” Computers & Security 29(8) pp. 848–858 (Nov. 2010); DOI: 10.1016/j.cose.2010.07.001
B+07
M. Backes, M. Dürmuth, and D. Unruh, “Information Flow in the Peer-Reviewing Process (Extended Abstract),” Proceedings of the 2007 IEEE Symposium on Security and Privacy pp. 187–191 (May 2007); DOI: 10.1109/SP.2007.24
Bi96
M. Bishop, “Conspiracy and Information Flow in the Take-Grant Protection Model,” Journal of Computer Security 4(4) pp. 331–359 (1996); DOI: 10.3233/JCS-1996-4404
D+11
A. Datta, J. Franklin, D. Garg, L. Jia, and D. Kaynar, “On Adversary Models and Compositional Security,” IEEE Security & Privacy 9(3) pp. 26–32 (May 2011); DOI: 10.1109/MSP.2010.203
D+06
P. Derrin, K. Elphinstone, G. Klein, D. Cock, and M. Chakravarty, “Running the Manual: An Approach to High-assurance Microkernel Development,” Proceedings of the 2006 ACM SIGPLAN Workshop on Haskell pp. 60–71 (Sep. 2006); DOI: 10.1145/1159842.1159850
E+03
A. El Kalam, R. El Baida, P. Balbiani, S. Benferhat, F. Cuppens, Y. Deswarte, A. Miège, C. Saurel, and G. Trouessin, “Organization Based Access Control,” Proceedings of the IEEE 4th International Workshop on Policies for Distributed Systems and Networks pp. 120–131 (June 2003); DOI: 10.1109/POLICY.2003.1206966
J+11
B. Javadi, D. Kondo, J.-M. Vincent, and D. Anderson, “Discovering Statistical Models of Availability in Large Distributed Systems: An Empirical Study of SETI@home,” IEEE Transactions on Parallel and Distributed Systems 22(11) pp. 1896–1903 (Nov. 2011); DOI: 10.1109/TPDS.2011.50
KR02
C. Ko and T. Redmond, “Noninterference and Intrusion Detection,” Proceedings of the 2002 IEEE Symposium on Security and Privacy pp. 177–187 (May 2002); DOI: 10.1109/SECPRI.2002.1004370
LO10
G. Loukas and G. Öke, “Protection Against Denial of Service Attacks: A Survey,” The Computer Journal 53(7) pp. 1020–1037 (2010); DOI: 10.1093/comjnl/bxp078
Mi79
J. Millen, “Operating System Security Verification,” MITRE Corp., Bedford, MA (1979).
S+06
G. Shah, A. Molina, and M. Blaze, “Keyboards and Covert Channels,” Proceedings of the 15th USENIX Security Symposium pp. 59–78 (Aug. 2006); DOI: https://www.usenix.org/legacy/event/sec06/tech/shah/shah.pdf
Sa93
R. Sandhu, “Lattice-Based Access Control Models,” IEEE Computer 26(11) pp. 9–19 (Nov. 1993); DOI: 10.1109/2.241422
SA06
J. Soon and J. Alves-Foss, “Covert Timing Channel Analysis of Rate Monotonic Real-Time Scheduling Algorithm in MLS Systems,” Proceedings of the 2006 IEEE Information Assurance Workshop pp. 361–368 (June 2006); DOI: 10.1109/IAW.2006.1652117
TL13
M. Tripunitara and N. Li, “The Foundational Work of Harrison-Ruzzo-Ullman Revisited,” IEEE Transactions on Dependable and Secure Computing 10(1) pp. 28–39 (Jan. 2011); DOI: 10.1109/TDSC.2012.77
WB04
T. Walcott and M. Bishop, “Traducement: A Model for Record Security,” ACM Transactions on Information and System Security 7(4) pp. 576–590 (Nov. 2004); DOI: 10.1145/1042031.1042035
Z+05
X. Zhang, Y. Li, and D. Nalla, “An Attribute-Based Access Matrix Model,” Proceedings of the 2005 ACM Symposium on Applied Computing pp. 359–363 (Mar. 2005); DOI: 10.1145/1066677.1066760

Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235B, Foundations of Computer and Information Security
Version of March 30, 2025 at 6:05PM
