Note:
If you are taking the course for credit, then you must hand in a
two-paragraph summary and critical evaluation for each paper
listed. The schedule is likely to change dynamically based on the
interests of the participants, so try to read ahead.
Wed 4 Feb: Overview
Mon 9 Feb: Software-Based Fault Isolation
R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham. Efficient Software-Based Fault Isolation. ACM SIGOPS Operating Systems Review, 27(5):203-216, December 1993.
C. Small. MiSFIT: A Tool for Constructing Safe Extensible C++ Systems. Proceedings of the Third USENIX Conference on Object-Oriented Technologies, Portland, Oregon, June 1997.
Wed 11 Feb: Typed Assembly Language (Pt 1)
G. Morrisett. Typed Assembly Language. To appear in B. C. Pierce, editor, Advanced Topics in Types and Programming Languages, MIT Press. (Contact Greg for a draft copy of the book.)
G. Morrisett, D. Walker, K. Crary, and N. Glew. From System-F to Typed Assembly Language. In ACM Symposium on Principles of Programming Languages (POPL), January 1988, San Diego, pp. 85-97.
Mon 16 Feb: No class.
Wed 18 Feb: Typed Assembly Language (Pt 2)
H. Xi and R. Harper. Dependently Typed Assembly Language. In Proceedings of the International Conference on Functional Programming (ICFP), September 2001, Florence, pp. 169-180.
G. Morrisett et al. TALx86: A Realistic Typed Assembly Language. In ACM SIGPLAN Workshop on Compiler Support for System Software, May 1999, Atlanta, pp. 23-35.
Wed 25 Feb: Proof-Carrying Code (Pt 1)
G. C. Necula. Proof-Carrying Code. To appear in B. C. Pierce, editor, Advanced Topics in Types and Programming Languages, MIT Press. (Contact Greg for a draft copy of the book.)
Mon 1 Mar: Proof-Carrying Code (Pt 2)
G. C. Necula and P. Lee. The Design and Implementation of a Certifying Compiler. Proceedings of the 1998 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), June 1998, pp. 333-344.
Wed 3 Mar: No Class
Mon 8 March: Stack Inspection
Cedric Fournet and Andrew D. Gordon. Stack Inspection: Theory and Variants. ACM Symposium on Principles of Programming Languages (POPL), January 2002, pp. 307-318.
Wed 10 March: Inlined Reference Monitors
Ulfar Erlingsson and Fred B. Schneider. IRM Enforcement of Java Stack Inspection. Proceedings of the 2000 IEEE Symposium on Security and Privacy (Oakland, California, May 2000), IEEE Computer Society, Los Alamitos, California, pp. 246-255.
Mon 15 March: Model Checking
Hao Chen and David Wagner. MOPS: An Infrastructure for Examining Security Properties of Software. ACM Conference on Computer and Communications Security (CCS), 2002?
Mon 17 March: Static Analysis for C/C++
William R. Bush, Jonathan D. Pincus, and David J. Sielaff. A Static Analyzer for Finding Dynamic Programming Errors. Software Practice and Experience, 30:775-802, 2000.
Mon 22 March: Simple Information Flow
Nevin Heintze and Jon G. Riecke. The SLam Calculus: Programming with Secrecy and Integrity. Proceedings of the ACM Symposium on Principles of Programming Languages (POPL), San Diego, CA, January 1998.
Wed 24 March: Modeling Protocols
Martin Abadi and Andrew D. Gordon. A Calculus for Cryptographic Protocols: The Spi Calculus. Proceedings of the Fourth ACM Conference on Computer and Communications Security, ACM Press, April 1997, pp. 36-47.
Mon 29 March: no class (spring break).
Wed 31 March: no class (spring break).
Mon 5 April: Language-Based Extensible Operating Systems
Brian Bershad et al. Extensibility, Safety and Performance in the SPIN Operating System. Proceedings of the 15th ACM Symposium on Operating System Principles (SOSP-15), Copper Mountain, CO, December 1995, pp. 267-284.
Wed 7 April: Language-Based Extensible Operating Systems II
Chris Hawblitzel et al. Implementing Multiple Protection Domains in Java. USENIX Annual Technical Conference, New Orleans, LA, June 1998.
Mon 12 April: no class.
Wed 13 April: Securing Legacy Code
George Necula et al. CCured: Type-Safe Retrofitting of Legacy Code. Proceedings of the ACM Symposium on Principles of Programming Languages (POPL'02), January 2002.
Mon 19 April: Foundational PCC
Andrew W. Appel. Foundational Proof-Carrying Code. In 16th Annual IEEE Symposium on Logic in Computer Science (LICS'01), June 2001.
Andrew W. Appel and Amy Felty. A Semantic Model of Types and Machine Instructions for Proof-Carrying Code. In 27th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'00), pp. 243-253, January 2000.
Wed 21 April: Foundational PCC II
Amal J. Ahmed et al. A Stratified Semantics of General References Embeddable in Higher-Order Logic. In 17th Annual IEEE Symposium on Logic in Computer Science (LICS 2002), pp. 75-86, Copenhagen, Denmark, July 2002.
Amal suggests that you instead read these draft chapters from her thesis.
Mon 26 April: Information Flow Overview
Andrei Sabelfeld and Andrew C. Myers. Language-Based Information-Flow Security. IEEE Journal on Selected Areas in Communications, 21(1), January 2003.
Wed 28 April: Secure Program Partitioning
Steve Zdancewic et al. Secure Program Partitioning. ACM Transactions on Computer Systems, 20(3):283-328, August 2002.
Mon 3 May: Bytecode Design
Michael Franz et al. Making Mobile Code Both Safe and Efficient. In J. Lala (ed.), Foundations of Intrusion-Tolerant Systems, IEEE Computer Society Press, to appear.
Wed 5 May: Making Real Kernels More Secure
Michael Swift, Brian N. Bershad, and Henry M. Levy. Improving the Reliability of Commodity Operating Systems. In 19th ACM Symposium on Operating Systems Principles, Bolton Landing, NY, October 2003.