home button

Foundations of Software Security
USF CIS 6373, Spring 2021

Announcements

Final grades are posted in Canvas.

Course materials

Syllabus

Grades

Please use Canvas to check your grades.

Schedule (filled in as the semester progresses)

Dates Topics Reading (discussed in class)
01/11 Introduction Class notes
01/13 Research publications Enforceable Security Policies
01/20 Research publications Enforceable Security Policies
01/25 Enforceability theory Enforceable Security Policies
01/27 Enforceability theory Enforceable Security Policies
02/01 Enforceability theory Enforceable Security Policies
02/03 Enforceability theory Nonsafety
02/08 Enforceability theory MRAs
02/10 Enforceability theory (1) MRAs
(2) SMAs
02/15 Enforceability theory (1) GUT of enforcement
(2) Gray policies
02/17 Enforceability theory Gray policies
02/22 Policy specification LoPSiL
02/24 Policy composition Polymer
03/01 Policy composition PoliSeer
03/03 Policy composition PoCo
03/08 Policy composition PoCo
03/10 Authentication Coauthentication
03/15 Authentication; IoT; Privacy Coauthentication
03/17 Authentication; Cryptography Coauthentication
03/22 Authentication; Cryptographic protocols Coauthentication
03/24 Vulnerability categories and trends (1) CWE/SANS
(2) OWASP
03/29 Buffer overflows (1) StackGuard
(2) BO in Sudo
03/31 Code-injection attacks CIAOs
04/05 Non-code injection attacks; Identifier-injection attacks (1) BroNIEs
(2) SQL-IDIAs
04/07 Immune-system metaphor (1) Architecture
(2) IDSs
04/19 Memory I (1) Hot
(2) Cold
04/21 Memory II (1) RowHammer
(2) for clouds
(3) and mitigations
04/26 Trust; Backdoors (1) Reflections
(2) SolarWinds & Sunspot
04/28 Verified compilation (1) CompCert1
(2) CompCert2