CS 590U

Access Control: Theory and Practice

Spring 2005

Syllabus

Back to course homepage

Reference Books:

Chapters of the following books are useful for the course. The first one is available on the Web. Required readings from the other books will be handed out in class. The Amoroso book and the Anderson book have been placed under reservation in the Math&CS library.

Morrie Gasser: (available online) Building A Secure Computer System. Van Nostrand Reinhold Co., 1988.
Edward Amoroso: Fundamentals of computer security technology. Prentice Hall, 1994.
Ross Anderson: Security engineering : a guide to building dependable distributed systems. Wiley, 2001.
E.A. Demillo et al., editors: Foundations of Secure Computation. Academic Press, 1978.
Dieter Gollmann: Computer Security. Wiley, 1999.

Date	Topic	Readings Before Each Lecture
Introduction
Tue Jan 11	Introduction to the course Slides Assignment 1 & Pre-proposal instruction
Thu Jan 13	Overview of project topics Slides	Anderson Book: Sections 4.1 & 4.2 (Handout) Gollmann Book: Chapter 3: Access Control (Handout)

The Foundations

Tue Jan 18 (HW1 due)	State-Transition Systems Access control matrices The Graham-Denning DAC schemes Slides	Gasser Book: Chapter 3 G.S. Graham & P.J. Denning: "Protection: Principles and Practice" AFIPS Spring Joint Computer Conference, 1972 (Handout)
Thu Jan 20 (Pre-proposal due)	Partial order Lattices Security labels Slides Assignment 2	Handout on Orders and Lattices (Latex Source)
Tue Jan 25	The Bell-Lapadula MAC model Slides	Gollmann Book: Chapter 4: Security Models (Handout) D. Bell and L. LaPadula. "Secure computer systems: Unified exposition and Multics interpretation". Technical Report ESD-TR-75-306, MITRE Corp., March 1976. Section II: Description of the Model Complete Report (Optional Reading) Optional reading: J. McLean: "Reasoning about security Models", in Oakland'1987. D.E. Bell: "Concerning 'Modeling' of Computer Security", in Oakland'1988.
Thu Jan 27 (HW2 due)	Safety analysis The HRU scheme Slides	M.A. Harrison, W.L. Ruzzo, and J.D. Ullman: Protection in Operating Systems. CACM, August 1976.
Tue Feb 1	Safety analysis, DAC, HRU, and Take-Grant revisited Slides Assignment 3	DeMillo book: R.S. Fabry: "One Perspective on the Results about the Decidability of System Safety". (Handout) A.K. Jones: "Protection Mechanism Models: Their Usefulness" (Handout)
Thu Feb 3	Noninterference Slides	Goguen and Meseguer. "Security Policies and Security Models". In Oakland'1982. Optional reading: D. Sutherland. "A Model of Information", NCSC'1986. (Handout)
Tue Feb 8 (HW3 due)	Nondeducability The confinement problem Covert channels Slides	B. Lampson. "A note on the confinement problem." CACM, October 1973. S.B. Lipner, M. Bedford. "A Comment on the Confinement Problem", In SOSP, November 1975.
Thu Feb 10	Biba integrity model Clark-Wilson model The Chinese Wall policy Slides Assignment 4	D.D. Clark and D.R. Wilson. "A Comparison of Commercial and Military Computer Security Policies" In Oakland, 1987. Readings for HW4 D.F.C. Brewer and M.J. Nash: "The Chinese Wall Security Policy", in Oakland'1989. R.S. Sandhu: "Lattice-Based Enforcement of Chinese Walls", in Computer & Security, December 1992.

Role-Based Access Control (RBAC)

Tue Feb 15

RBAC96
NIST RBAC Standard
Slides

R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. Role-Based Access Control Models. IEEE Computer, 29(2):38--47, February 1996.
Optional reading:
- ANSI Standard on Role-Based Access Control

Thu Feb 17

(HW4 due)

Separation of Duty in RBAC
Slides

N. Li, Z. Bizri, and M.V.Tripunitara: "On Mutually-Exclusive Roles and Separation of Duty", In CCS'2004.
- Draft of the version to be submitted to a journal. (Which has more explanations, and thus may be easier to follow.)

Tue Feb 22

Constraint Generation in RBAC
Administration in RBAC
Slides

R.S. Sandhu, V. Bhamidipati, and Q. Munawer: The ARBAC97 model for role-based administration of roles. TISSEC February 1999.

Trust Management and Automated Trust Negotiation

Thu Feb 24	Basics of Logic & Logic Programming Slides	U. Nilsson and J. Maluszynski: Logic, Programming and Prolog Chapters 1 & 2
Tue Mar 1	Overview of Trust Management Slides	M. Blaze, J. Feigebaum, and J. Lacy: Decentralized Trust Management. In Oakland'1996.
Thu Mar 3 (Proposal due)	SDSI No new slides Assignment 5	D. Clarke et al.: Certificate chain discovery in SPKI/SDSI, JCS, November 2001.
Tue Mar 8	RT0 and Distributed Credential Chain Discovery Slides	N. Li, W.H. Winsborough, and J.C. Mitchell: Distributed Credential Chain Discovery in Trust Management. Journal of Computer Security, February 2003. Conference version in CCS 2001.
Thu Mar 10 (HW5 due)	Semantics for SDSI Slides	N. Li and J.C.Mitchell: Understanding SPKI/SDSI Using First-Order Logic. To appear in International Journal of Information Security. Preliminary version in CSFW 2003. N. Li, J.C.Mitchell, and W.H. Winsborough: Design of A Role-based Trust-management Framework. IEEE Symposium on Security and Privacy, 2002.

Tue Mar 15	Spring Break
Thu Mar 17	Spring Break

Tue Mar 22	The RT family of Role-Based Trust Management Languages Security Analysis in RBAC Security Analysis in Trust Management Slides	N. Li, J.C. Mitchell, and W.H. Winsborough: Beyond Proof-of-compliance: Security Analysis in Trust Management. To appear in Journal of the ACM. Conference version in IEEE Symposium on Security and Privacy 2003.
Thu Mar 24	Security Analysis in Trust Management (Continued) No new slides Assignment 6	No new readings
Tue Mar 29	Lecture given by Mahesh V. Tripunitara Expressive power of access control schemes Slides	M.V.Tripunitara and N. Li: A Theory for Comparing the Expressive Power of Access Control Models. In CCS'2004.
Thu Mar 31 (HW6 due)	Automated Trust Negotiation Slides	M. Winslett, T. Yu, K. E. Seamons, A. Hess, J. Jacobson, R. Jarvis, B. Smith, and L. Yu. Negotiating Trust on the Web. IEEE Internet Computing, vol. 6, no. 6, November/December 2002. T. Yu, M.Winslett, and K.E.Seamons. Automated Trust Negotiation over the Internet. 6th World Multiconference on Systemics, Cybernetics and Informatics, Orlando, FL, July 14-18, 2002.
Tue Apr 5	Capabilities Slides	N. Hardy: The Confused Deputy. In Operating Systems Review, 22(4), 1988. M.S. Miller, K-P Yee, and J. Shapiro: Capability Myths Demolished. Johns Hopkins Tech Report, 2003. Optional reading: (Helpful in understanding the previous two papers) N. Hardy: KeyKOS Architecture. In Operating Systems Review, 19(4), 1985.
Access Control in Databases
Thu Apr 7	Lecture given by Ji-Won Byun and Mahesh V. Tripunitara Griffiths-Wade Overview of Access Control in Oracle Slides on Griffiths-Wade Slides on Oracle	P.P. Griffiths and B.W. Wade. "An authorization mechanism for a relational database system" ACM Transactions on Database Systems (TODS), Volume 1 , Issue 3 (September 1976), Pages: 242 - 255
Tue Apr 12	The Ingres approach The Virtual Private Databases approach Other query rewriting approaches Slides	M. Stonebraker and E. Wong: Access control in a relational data base management system by query modification. ACM Proceedings of the 1974 annual conference. Oracle Virtual Private Databases
Misc Topics
Thu Apr 14	Firewalls Review of the course Slides	E Bertino, E Ferrari, V Atluri. "The specification and enforcement of authorization constraints in workflow management systems". In ACM TISSEC 1999. Mohamed G. Gouda and Alex X. Liu: Firewall Design: Consistency, Completeness and Compactness. In ICDCS 2004.
Project & Other Presentation
Tue Apr 19	Abhi Jiangtao Qihua
Thu Apr 21	Ian Paul Ryan
Tue Apr 26	Ji-Won Byun: Purpose-Based Access Control in Databases Yunhua Koglin An update protocol for XML documents in Distributed and Cooperative Systems	J-W Byun, E. Berino, and N. Li: Purpose Based Access Control of Complex Data for Privacy Protection. To appear in SACMAT 2005. Y. Koglin, G. Mella, E. Bertino, and E. Ferrari: An Update Protocol for XML Documents in DIstributed and Cooperative Systems. To appear in ICDCS 2005.
Thu Apr 28	Ji-Won Jing Yu