CIS 890, Fall 2004

Language Based Security

In this course, we shall address approaches to computer security that are mostly language-based (as opposed to cryptographic, etc.) A strong case for such approaches can be found in the final summary of the recent Dagstuhl seminar.

• Log file: what was presented when
• Reading list (to be expanded along the way)

Further information

Instructors:

Torben Amtoft and Anindya Banerjee

Time:

Tuesdays, 9:00-11:30am, in the conference room (N236)

Prerequisites:

A background in programming languages, for example CIS 301 and 505, is useful for the course. A background in systems, for example CIS 520/720, would also come in handy.

List of topics (preliminary)

information flow analysis, access control, concurrency, secure web services, secure coding, secure OS.

Credit:

Active class participation

is vital for getting a grade!

Presentations of papers

Each of you should select one or more pieces of work related to (language-based) security, and present in class. You could choose from the papers on the reading list, or pick among the topics of The Dagstuhl Seminar on Language-Based Security.

Projects

Each of you should write a small report, describing (necessarily preliminary) work on a project related to language-based security. This could be a basis for future research/publications with us.