CCIS path: SSEC = /home/lieber/.www/courses/csg379/f04/ Web path: SSEC = http://www.ccs.neu.edu/home/lieber/courses/csg379/f04/ 1. week: Jeanette Wing: A call to Action: lectures/Software Security Wing.ppt From the text book: lectures/Software Security.ppt Software Security Summer School 2004 Principles of System Security Myers, Cornell: security properties, security mechanisms, information flow security lectures/myers.pdf 2. Week: Binder: A Logic-based security language. See: lectures/week2 Discussion of homework 2. 3. Week: Security criteria by Saltzer/Schroeder. lectures/week3/lec1-security-f04.ppt Access Control Model Framework lectures/week3/lec1-security-f04.ppt Discussion of homework 3. More about DAJ: how to explore a Binder object. Complexity Theory/Algorithms and Security declare warning: statically executable advice Semantics for Safe Programming Languages lectures/week2/safelanguages.ppt CERT Experience with Security Problems in Software lectures/week2/CERTSecProblems.pdf Hansruedi Thomann: Modeling Secure Software slide 23: Software_Security.ppt 4. Week: Chinese Wall Policy Readability and Security ICSE 2004 Keynote address Hw 4 Hw 3 again http://www.gammassl.co.uk/topics/chinesewall.html Design of policy-specific languages http://www.ccs.neu.edu/home/lieber/courses/csu670/sp04/lectures/jun-gong-lecture.ppt 5. Week: ------------------------------------------------------------------------------------------- hw 4 again The reduction Using a class dictionary to explain a security policy and other concepts hw 5 Users/Principals/Subjects Refined Chinese Wall see *7.ppt below Low Water Mark Policy see *6.ppt below More on policies: /home/lieber/.www/courses/csg379/f04/lectures/week5/*[4-7].ppt Administrative: Grading Midterm Finish ICSE keynote