Syllabus

This syllabus is tentative and will undoubtedly continue to change as the quarter progresses. If there is a topic you’re interested in but not shown, please let me know; I may well change things to cover it. All readings are from the text unless otherwise indicated.

Tentative Syllabus (As Of March 30, 2026)
WeekWhat Is Going On
Week 1: Dates: Mar 30, Apr 1, 3
Topics: Reference monitor, access control matrix, safety question, take-grant model, SPM
Reading: text, §2, 3–3.4, 20.1.2.2; Papers: TL13, Z+05
Week 2 Dates: Apr 6, 8, 10
Topics: Expressive power of models, comparing models, security policies
Reading: text, §3.4–3.7, 4; Paper: Bi96
Due: Apr 10: homework 1
Week 3: Dates: Apr 13, 15, 17
Topics: Confidentiality policies, Bell-LaPadula Model, Tranquility, System Z, integrity models, Biba, Clark-Wilson
Reading: text, §5, 6.1–6.2, 6.4, A; Paper: Sa93
Due: Apr 17: project selection
Week 4: Dates: Apr 20, 22, 24
Topics: Trust models, availability models, hybrid models, Chinese Wall model, CISS model, ORCON
Reading: text, §6.5, 7, 8.1–8.3; Papers: A+10, J+11, LO10
Due: Apr 24: homework 2
Week 5: Dates: Apr 27, 29, May 1
Topics: RBAC, break-the-glass policies, traducement, basic policy composition, noninterference
Reading: text, §8.4–8.5, 9.1–9.2; Papers: E+03, KR02, WB04
Week 6: Dates: May 4, 6, 8
Topics: Noninterference, unwinding theorem, nondeducibility, restrictiveness, side channels
Reading: text, §9.2–9.6; Papers: D+11, KR02
Due: May 8: homework 3
Week 7: Dates: May 11, 13, 15
Topics: Assurance overview, assurance in building systems, assurance in design; principles of secure design
Reading: text, §14, 19, 20–20.2; Paper: D+06
Due: May 11: project progress report
Week 8: Dates: May 18, 20, 22
Topics: Entropy, information flow
Reading: text, §17, C; Paper: B+07
Due: May 22: homework 4
Week 9: Dates: May 25, 27, 29     [Note: May 25 is a University holiday (Memorial Day)]
Topics: Confinement problem, isolation
Reading: §18–18.2
Week 10: Dates: Jun 1, 3
Topics: Covert channel analysis, malware
Reading: §18.3, 23.8; Papers: S+06, SA06
Due: Jun 4: homework 5
Jun 8: Due: Completed project due at 5:30pm

Papers

A+10
C. Ardagna, S. di Vimercati, S. Foresti, T. Grandison, S. Jajodia, and P. Samarati, “Access Control for Smarter Healthcare Using Policy Spaces,” Computers & Security 29(8) pp. 848–858 (Nov. 2010); DOI: 10.1016/j.cose.2010.07.001
B+07
M. Backes, M. Dümuth, and D. Unruh, “Information Flow in the Peer-Reviewing Process (Extended Abstract),” Proceedings of the 2007 IEEE Symposium on Security and Privacy pp. 187–191 (May 2007); DOI: 10.1109/SP.2007.24
Bi96
M. Bishop, “Conspiracy and Information Flow in the Take-Grant Protection Model,” Journal of Computer Security 4(4) pp. 331–359 (1996); DOI: 10.3233/JCS-1996-4404
D+11
A. Datta, J. Franklin, D. Garg, L. Jia, and D. Kaynar, “On Adversary Models and Compositional Security,” IEEE Security & Privacy 9(3) pp. 26–32 (May 2011); DOI: 10.1109/MSP.2010.203
D+06
P. Derrin, K. Elphinstone, G. Klein, D. Cock, and M. Chakravaty, “Running the Manual: An Approach to High-assurance Microkernel Development,” Proceedings of the 2006 ACM SIGPLAN Workshop on Haskell pp. 60–71 (Sep. 2006); DOI: 10.1145/1159842.1159850
E+03
A. El Kalam, R. El Baida, P. Balbiani, S. Benferhat, F. Cuppens, Y. Deswarte, A. Mi\‘ege, C. Saurel, and G. Trouessin, “Organization Based Access Control,” Proceedings of the IEEE 4th International Workshop on Policies for Distributed Systems and Networks pp. 120–131 (June 2003); DOI: 10.1109/POLICY.2003.1206966.
J+11
B. Javadi, D. Kondo, J.-M. Vincent, and D. Anderson, “Discovering Statistical Models of Availability in Large Distributed Systems: An Empirical Study of SETI@home,” IEEE Transactions on Parallel and Distributed Systems 22(11) pp. 1896–1903 (Nov. 2011); DOI: 10.1109/TPDS.2011.50
KR02
C. Ko and T. Redmond, “Noninterference and Intrusion Detection,” Proceedings of the 2002 IEEE Symposium on Security and Privacy pp. 177–187 (May 2002); DOI: 10.1109/SECPRI.2002.1004370
LO10
G. Loukas and G. Öke, “Protection Against Denial of Service Attacks: A Survey,” The Computer Journal 53(7) pp. 1020–1037 (2010); DOI: 10.1093/comjnl/bxp078
S+06
G. Shah, A. Molna, and M. Blaze, “Keyboards and Covert Channels,” Proceedings of the 15th USENIX Security Symposium pp. 59–78 (Aug. 2006); DOI: https://www.usenix.org/legacy/event/sec06/tech/shah/shah.pdf
Sa93
R. Sandhu, “Lattice-Based Access Control Models,” IEEE Computer 26(11) pp. 9–19 (Nov. 1993); DOI: 10.1109/2.241422
SA06
J. Soon and J. Alves-Foss, “Covert Timing Channel Analysis of Rate Monotonic Real-Time Scheduling Algorithm in MLS Systems,” Proceedings of the 2006 IEEE Information Assurance Workshop pp. 361–368 (June 2006); DOI: 10.1109/IAW.2006.1652117
TL13
M. Tripunitara and N. Li, “The Foundational Work of Harrison-Ruzzo-Ullman Revisited,” IEEE Transactions on Dependable and Secure Computing 10(1) pp. 28–39 (Jan. 2011); DOI: 10.1109/TDSC.2012.77
WB04
T. Walcott and M. Bishop, “Traducement: A Model for Record Security,” ACM Transactions on Information and System Security 7(4) pp. 576–590 (Nov. 2004); DOI: 10.1145/1042031.1042035
Z+05
X. Zhang, Y. Li, and D. Nalla, “An Attribute-Based Access Matrix Model,” Proceedings of the 2005 ACM Symposium on Applied Computing pp. 359–363 (Mar. 2005); DOI: 10.1145/1066677.1066760
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235B, Foundations of Computer and Information Security
Version of March 30, 2025 at 6:05PM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh