Lecture 1: Introduction Fred Chong CS290N Architectural Support for Secure and Reliable Computing.


Description

• This course will examine architectural designs and mechanisms that enhance the security and reliability of computing systems. The course will initially cover the basic properties and building blocks of secure and reliable systems from an architect's perspective. Then we will survey the state of the art. Students will pursue an in-depth class research project relating to the topics covered.


Logistics

• Time: TR 9-10:50
• Room: Phelps 2510
• Instructor: Prof. Fred Chong; office hours by appointment; Eng I 5163
• Textbook: Security Basics for Computer Architects, by Ruby B. Lee. (should be free from a UCSB machine)
• http://www.cs.ucsb.edu/~chong/290N/
• No class: 5/20, 5/22


Deadlines

• Project Proposal due 4/15
• Project Drafts due 5/20
• Project final papers due 6/6


Grading

• Problem Sets 15%
• Discussion Topic 25%
• Project Proposals and Drafts 20%
• Project Final Report 40%


Problem Sets

• For each assigned paper, write up the following and e-mail me a copy before class:
  – A summary of the main points of the paper.
  – A critique of any shortcomings of the paper.
  – Any ideas on how one would extend the ideas in the paper or address its shortcomings.


Leading Discussion

• Assign a paper for the class to read, one week before your discussion day.

• Present the paper and supplemental material on your assigned day. Lead discussion, with my help, on the subject.


Project Paper

• The project has two goals:
  – A critique of 3-5 related research papers. This is not a book report. Do not just summarize what is in the papers. Point out shortcomings and possible areas for extension.
  – Extension of the area. Address shortcomings or extend the work in the papers. Come up with some ideas and test them with a short project. This can be in the form of some simple analysis, simulations, algorithms, or models. Remember to pick something that will fit in a quarter.

• Example project paper:
  – http://www.cs.ucsb.edu/~chong/ftchong-area.ps


• Textbook: Security Basics for Computer Architects, by Ruby B. Lee. (should be free from a UCSB machine)

• Synthesis Lecture
  – Short, geared towards researchers


Security Properties

• Reliability is related to Security
• Sometimes termed together as “Trustworthy Systems”


Access Control


Forensic Properties


Individual Properties


Trustworthy vs Trusted

• Secure Computer System
  – Ideally provides Integrity, Confidentiality, Availability
• Trustworthy Computer
  – Designed to be dependable and provide security properties
• Trusted Computer
  – Security depends upon this machine and all bets are off if it is compromised
• Trusted Computing Base
  – All hw and sw that must be trusted
  – No commodity systems form a dependable trusted computing base
  – TCM (Trusted Computing Module) – a piece that can be trusted


Attacks by Property


Attacks by Modality


Remote vs Physical Access

• Remote Intrusion
• Physical Access
  – Software attacks
  – Passive electro-magnetic, thermal observation
  – Physical tampering
    • Memory bus probes
    • Exposing the chip die


Security Architecture Design Methodology


“Lee’s Mantra”


Reading

• Ch 1 and 2 of Lee’s book


Example: Minos and DACODA

• Defense against remote intrusions
• Control-flow hijacking
  – Buffer-overflow attacks
• Signature-based defenses
• Zero-Day Attacks