Secure Computer Systems

Course ID 15793

Description This course is broadly focused on full-stack system security and will cover the foundations of building secure systems and cryptography. During the course we will cover hardware, system software, and cryptographic primitives for building secure systems, both within the datacenter environment and in the decentralized setting. The course will focus on the cross-cutting security requirements of systems and how to bolster their security guarantees using a combination of systems and cryptographic techniques. The lectures will cover fundamental security concepts (e.g., threat models, trusted computing base), and do a deep dive into state-of-the-art attacks and defenses (e.g., speculative execution attacks). The course will span a set of hardware security topics including trusted execution environments, side-channels, hardware attacks (e.g., Meltdown, Spectre, Rowhammer), software systems such as blockchains, anonymous messaging, and secure machine learning.

Key Topics
Threat Models, Trusted execution environments, Sandboxing, Side channels, Speculative execution, Virtualization, Memory Integrity, Fully Homomorphic Encryption, Anonymous messaging, Privacy-preserving machine learning, Blockchain

Learning Resources
There is no book prerequisite, material will be based on Computer Security and the Internet, research papers.

Course Relevance
The course should be appropriate for graduate students in all areas and for advanced undergraduates.

Pre-required Knowledge
Background in systems like 15-213, 15-410, 15-418 or equivalent will be helpful but there is no strict requirement in security background.

Assessment Structure
Grading will be based on a set of programming assignments and a class project.