USC Computer Science 599 (CSci 599): Trusted Computing - Spring 2007

Lecture Friday - 1:00 PM to 3:20 PM, Location KAP 167
Clifford Neuman

Announcements

Prerequisites

It will be very helpful for students to have completed either CSci530 or CSci555 before enrolling in this 599.

Instructors and Assistants

Course content

The Trusted Computing class will cover requirements for and the implications and applications of trusted computing technologies. It will discuss the underlying mechanisms needed for trusted computing, from hardware and OS support, through the mechanisms used to make authorization decisions. It will choose several applications of trusted computing technologies, including digital rights management, admission control to corporate networks, and approaches to limit the effects of viruses, worms, and Phishing attacks, and it will show how a trusted computing architecture can be built and deployed.

The course will provide an intensive overview of technologies that support trusted computing, including virtualization, key management, and code signing. The course will cover the implications of certification and will look at trust models that protect not just the providers of information, but which protect the end user as well. Students will learn how to develop applications that need assurances about the environment within which they run, and about the software with which they communicate over computer networks.

Students will complete a final project in which they will design software components that utilize trusted computing to provide stronger assurances than is possible in traditional computer systems. They may optionally implement a prototype of their application.

Assignments

Readings

Readings will be assigned throughout the semetser including readings critical discussion of the philosopy of trusted computing, specifications for hardware and syste architectures for trusted computing, discussion of the protections needed to support trusted computing including virualization, secure operating systems, containement, and other topics.

Course Schedule

The basic topics covered by week are listed below. In addition to the formal discussion, there will be ongoing group discussions of student projects that will demonstrate applications of trusted computing technologies. These discussion will occur during lecture so that all student can participate in critiquing and helping to improve the ideas of other students.
  1. Introduction - What is trusted computing and who does it protect? (1/12/2007 lecture notes)
  2. The hardware basis for Trusted Computing. (1/19/2007 lecture notes)
  3. The Software / OS basis for Trusted Computing. (1/26/2007 lecture notes audio1 audio2 )
  4. Virtualization. (2/2/2007 lecture notes audio1 audio2 )
  5. Managing encryption keys (2/9/2007 lecture notes audio1 audio2 )
  6. Enforcement of Policy (2/16/2007 lecture notes audio )
  7. Mid-term exam - Discussion of Exam Questions - Digital Rights Management (2/23/2007 preliminary lecture notes audio)
  8. Negotiating Trust (3/2/2007 lecture notes audio)
  9. Propagating obligation - Network Admission Control (3/9/2007 lecture notes audio)
  10. Case study - Protecting the platform from malicious code (3/28/2007 lecture notes audio )
  11. Class discussion of student projects. (3/30/2007 lecture notes audio )
  12. Managing trusted computing domains. (4/06/2007 lecture notes audio) )
  13. Discussion of relation of Trusted Computing to current topics. (lecture 14) (4/20/2007 lecture notes partial audio - missing start of lecture)
  14. Current news in trusted computing (lecture 15) (4/27/2007 lecture notes audio)

Instructors and Assistants

Course Grade Components