6.858 Computer Systems Security is a class about the design and implementation of secure computer systems. Lectures cover threat models, attacks that compromise security, and techniques for achieving security, based on recent research papers. Topics include operating system (OS) security, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications.
1. Introduction, Threat Models. 2. Control Hijacking Attacks. 3. Buffer Overflow Exploits and Defenses. 4. Privilege Separation. 6. Capabilities. 7. Sandboxing Native Code. 8. Web Security Model. 9. Securing Web Applications. 10. Symbolic Execution. 11. Ur/Web. 12. Network Security. 13. Network Protocols. 14. SSL and HTTPS. 15. Medical Software. 16. Side-Channel Attacks. 17. User Authentication. 18. Private Browsing. 19. Anonymous Communication. 20. Mobile Phone Security. 21. Data Tracking. 22. Guest Lecture by MIT IS&T. 23. Security Economics.