eec 688/788 secure and dependable computing
DESCRIPTION
EEC 688/788 Secure and Dependable Computing. Lecture 1 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University [email protected]. Outline. Motivation Syllabus. Motivation. Why secure and dependable computing is important ?* - PowerPoint PPT PresentationTRANSCRIPT
-
EEC 688/788Secure and Dependable Computing Lecture 1
Wenbing ZhaoDepartment of Electrical and Computer EngineeringCleveland State [email protected]
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoOutlineMotivationSyllabusEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoMotivationWhy secure and dependable computing is important?*Increased reliance on software to optimize everything from business processes to engine fuel economy Relentlessly growing scale and complexity of systems and systems-of-systems Near-universal reliance on a commodity technology base that is not specifically designed for dependability Growing stress on legacy architectures (both hardware and software) due to ever-increasing performance demands Worldwide interconnectivity of systems Continual threats of malicious attacks on critical systems
*Taken from A high dependability computing consortium, James H. Morris, CSMU, http://www.cs.cmu.edu/%7Ejhm/hdcc.htmEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoMore MotivationThe cost of poor software is very highAnnual cost to US economy of poor quality software: $60Bsource: US NIST Report 7007.011, May 2002.Industry needs greater dependability and securityImproved quality of productsImproved quality of development processesBetter system and network security, to avoid:viruses, trojans, denial of service, ...network penetration, loss of confidential data, ...Improved customer satisfactionEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing Zhao(1996 Cost of Downtime Study by Contingency Planning Research)EEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoProblem of Data BreachCompromised computer systemsLost laptop, backup tapesWell-known incidentsMassive confidential data loss in a UC Berkley system (1.4 million people are affected)http://www.securityfocus.com/news/9758Potential revealing of personal data of 26.5 million veterans due to loss of laptopshttp://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1189759,00.htmlEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoCost of Data BreachData loss costs U.S. businesses more than $18 billion a year (according to a 2003 study)http://www.usatoday.com/tech/news/computersecurity/2006-06-11-lost-data_x.htm?csp=2Data breaches cost companies an average of $182 per compromised record => typically several million dollars per incidenthttp://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1227119,00.htmlEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoIndustry is Embracing Secure and Dependable ComputingThe hardware platforms are changing:SmartcardsPervasive computing / embedded systemsIBM, Sun autonomic computingMajor PC dependability and security initiatives under way:Trusted Computing GroupPromoters: Intel, HP, Compaq, IBM, MicrosoftMicrosofts trustworthy computing pushIntels LaGrande dependable hardwareEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoCourse ObjectivesHave solid understanding of the basic theory of secure and dependable computingGetting familiar with some basic building blocks (tools and APIs) needed to build secure and dependable systemsNo attempt to be comprehensive: topics covered are what I am interested in and what I think importantEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoPrerequisiteOperating system principlesProcesses, scheduling, file systems, etc.Computer networksTCP, UDP, IP, Ethernet, etc.Java programming languageAt least you should know how to write a Hello World programYou dont have to be a Java expertEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoGrading PolicyClass participation (10%)Three midterms (60%)5 labs (20%)Mandatory attendanceCourse project (10%) EEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoGrading PolicyA: 90-100%A-: 85-89%B+: 75-84%B: 65-74%B-: 55-64%C: 50-54%F: You get F grade During presentation, I will ask you questions => Your grade on the project will be reduced significantly if I determine you dont know what you are talking aboutYou lose the chance of learning something practical and useful for your future careerEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoWhat You Should DoMake your own design, code your own systemWrite in your own words and create your own power point slidesDont copy and paste => I can detect it easilyIf you are on a team, make your best contribution to the projectDifferent grade might be assigned to different team membersStart early and dont wait until the last week of the semester to startCommunicate with me often and ask for helpEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoProject PresentationEach team is required to give an oral presentation in class (10-15min)Describe briefly your design, implementation, correctness and performance evaluationDont spend too much time on background infoDont mention something you dont know: I will ask you questionsIt is best to show a demo of your workTop 3 projects voted by students will get full credit automaticallyEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoProject Report RequirementIntroduction: define the problem domain and your implementation. Provide motivation on your systemSystem model: assumption, restrictions, modelsDesign: component diagram, class diagram, pseudo code, algorithms, header explanationImplementation: what language, tools, libraries did you use, a simple user guide on how to user your systemPerformance and testing: throughput, latency, test casesRelated workConclusion and future workEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoProject Report RequirementReport format: IEEE Transactions format. 4-10 pagesMS Word Template http://www.ieee.org/portal/cms_docs/pubs/transactions/TRANS-JOUR.DOCLaTex Template http://www.ieee.org/portal/cms_docs/pubs/transactions/ IEEEtran.zip (main text)http://www.ieee.org/portal/cms_docs/pubs/transactions/ IEEEtranBST.zip (bibliography)Report due: December 9th midnight (no extensions!)Electronic copy of the report & source code requiredEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoExamsThree midtermsExams are closed book and closed notes, except that you are allowed to bring with you a one-page cheat sheet no larger than the US letter size (double-sided allowed)There is no makeup exam!EEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoDo not cheat!Do not copy other students lab report, exams or projectsDo not copy someone elses work found on the InternetIncluding project implementation and reportYou can quote a sentence or two, but put those in quote and give referenceYou can build your projects on top of open source libraries, but again, you need to explicitly give acknowledgement and state clearly which parts are implemented by you EEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoConsequences for CheatingYou get 0 credit for the project/lab/exam that you have cheatedIf the task is worth more than 25% of the course, it is considered a major infractionOtherwise, it is considered a minor infractionEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoConsequences for CheatingFor major infraction and repeated minor infractionsYou will get an F grade, and You may be suspended or repulsed from CSUCSU Code of Conducthttp://www.csuohio.edu/studentlife/conduct/StudentCodeOfConduct2004.pdf
EEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoReference TextsSecurity in Computing (4th Edition), by Charles P. Pfleeger, Shari Lawrence Pfleeger, Prentice Hall, 2006Computer Networks (4th Edition), by Andrew S. Tanenbaum, Prentice Hall, 2003Cryptography and Network Security: Principles and Practices (3rd Edition), by William Stallings, Prentice Hall, 2003SSH, the Secure Shell (2nd Edition), by Daniel J. Barrett, Robert G. Byrnes, Richard E. Silverman, O'Reilly, 2005EEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoReference TextsReliable Computer Systems: Design and Evaluation (3rd Edition), by Daniel P. Siewiorek and Robert S. Swarz, A K Peters, 1998Distributed Systems: Principles and Paradigms, by Andrew S. Tanenbaum, and Maarten van Steen, Prentice Hall, 2002Reliable Distributed Systems: Technologies, Web Services, and Applications, by Kenneth P. Birman, Springer, 2005Network Intrusion Detection (3rd Edition), by Stephen Northcutt, Judy Novak, New Riders Publishing, 2002EEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
*
*Wenbing ZhaoInstructor InformationInstructor: Dr. Wenbing ZhaoEmail: [email protected] hours: MW 2:00-3:50pmOffice hours: MW 12:00-2:00pm and by appointmentAnonymous email:[email protected]:if you are not happy, please do let me know Course Web site:http://academic.csuohio.edu/zhao_w/teaching/EEC688-F09/eec688.htmEEC688/788 Secure and Dependable Computing
EEC688/788 Secure and Dependable Computing
***For undergraduate students: (if you choose to the labs option)
*More detailed guideline from ECE is coming***