Secure/Trusted Operating Systems (Seminar - Winter 2006/2007)
Description
Operating Systems today play a major role
in a very wide variety of products and services. They form
(together with the hardware) the basic building blocks on which
products and services are built. The continued provision of
basic services is of key importance not only in traditional
safety-critical systems, but also in online business critical
systems.
As gadgets and systems become increasingly
interconnected (for instance accessible over the Internet) their
susceptibility to malicious attacks from the environment
increases. Protection from attacks is inherently difficult since
it is very hard to anticipate the types of expected attacks
beforehand, and a single vulnerability can be sufficient to
render the whole system untrustworthy.
There are two fundamental paradigms for
building a more secure system, which consequently can be trusted
with vital responsibilities. In the first approach, systems are
built to be open access: everyone is free to contribute
more applications and services. Trustworthiness is ensured
through the inherent robustness/quality of the system, enhanced
by selected detection and recovery techniques. The second
approach is to build a closed system, where each
application and service is predetermined to be
trustworthy/untrustworthy, and mechanisms (HW and SW) are in
place to enforce policies on components depending on their level
of trustworthiness. There are also hybrid models,
combining the two approaches.
Registration
Registration is closed now!
To register to this seminar course, please send an email to
the address below. Make sure that you include the following information
in your application:
- First name
- Last name
- Matriculation number
- Department (FB20 for instance)
- Program (Bachelor Informatik for instance)
- Start of study (2004 for instance)
stos@deeds.informatik.tu-darmstadt.de
Do not forget
that you also need to register with the "Prüfungssekretariat"
or equivalent depending on your program of study. This registration is
only for our internal purposes.
In case of too many participants
precedence will be given to the ones who have sent emails, in
chronological order. You can also simply show up for the first lecture,
but if you want to be sure, send an email!
Structure
The first meeting in the course on
October 19th 11:40-13:20
in room S2:02 E215 is mandatory and at this meeting we will
assign topics to each student. There is a limited set of topics, listed
below, which restricts the number of participants. We will assign the
topics in chronological order, according to the incoming registrations.
So please show up, or you will not get a topic!
Some time by the end of November you are
required to attend one update
meeting with your supervisor. Here the supervisor is interested in hearing
about your progress with the report. You are expected to prepare the
following things before the update meeting:
- Detailed specification of the area/theme for the report
- List of relevant literature (papers, books, etc.) to be used
- Draft of the structure for the report
You are required to give a short presentation (5 minutes) to the
rest of the class on December 14th
11:40-13:00 in room S2:02 E215.
One week before the report deadline your supervisor would like
to see a draft version of your report. The final report is due
on January 22nd. You
will then need to present your work to the rest of the class at
a joint presentation seminar on February
5th between 09:00 and 15:00 in S202/E202 (a 1-hour
break is scheduled).
Schedule
There are no regular lectures in this seminar course. Instead you are to
work on your own and report your progress to your supervisor.
Expected results
Report: Each student chooses one
paper in an area of interest. The report should be 10 pages of spell-checked English, preferably written
using Word or LaTeX in 10 or 11pt. It must contain a
title page with the names of
all authors as well as an abstract. The report should also contain discussion, summary and bibliography
sections. It should be handed in electronically, in either pdf or ps
format. Templates can be found here [LaTeX,
MS Word].
Final presentation: Each student gives a
presentation on the selected topic. Each presentation is to be 20
minutes long. Presentations can be held either
in English or German. Slides (either PowerPoint or pdf)
should be used. Let us know if you need any special equipment for your
presentation. We will provide a laptop and a projector. If you have made
last minute changes, then please show up ten minutes early, so that we
can transfer the file.
List of themes and papers
A list of available themes:
- Virtual Machine Technology for Secure and Dependable Computing
- Recovery Oriented Fault-Tolerance
- OS Reliability Engineering
- Secure Distributed Storage
- Trusted Computing
- Secure/Trusted OS for Resource-Constrained Devices