Semester | |
Module # | INF-IBR-07 |
Programme | Master Informatik |
IBR Group | DS (Prof. Kapitza) |
Type | Vorlesung/Übung |
Lecturer | |
Assistant | |
Hiwi | |
Credits | 5 |
Hours | 2+2 |
Time & Place | Due to Corona virus and the current circumstances, the lecture and the lab tutorial in the winter semester 20/21 will be held online! The time slots of the lecture, exercise and lab tutorial stay the same. The registration to this course is done on this website as usual. Lecture (weekly): Mondays, 13:15 - 14:45, Room 161, BBB Exercise lecture (Tafelübung, irregular): Wednesdays, 15:00 - 16:30, Room 161, BBB Rechnerübungen (weekly): - Tuesdays, 13:15 - 14:45 (Mattermost, BBB) - Fridays, 15:00 - 16:30 (Mattermost, BBB) Exceptions: - Exercise lecture is irregular, please see the calender below for the dates - There will be no lecture on 07.12.2020, 21.12.2020-10.01.2021 - On 11.01.2021 and 13.01.2021 the lecture and the exercise slots will be switched - Due to unexpected time conflicts there will be no lecture on 13.01.2021
Lecture and exercise detailsPlease login in order to see more details!Please share the given links only with people that are also attending or registered to this course! The lecture and the exercise are based on the following tools: Lecture and exerciseThe lecture and exercise will take place at the aforementioned timeslots in the IBR's BBB instance. The BBB's link to the lecture/exercise:
Please login to get more information here.
Homework submissionThe homework control will also take place online in a separate BBB instance: Homework control BBB link:
Please login to get more information here.
Lab tutorialThe optional lab tutorial will take place in the above mentioned timeslots also in BBB. There will be a Mattermost channel where students as well as HiWis are gathered. You can freely use this channel to communicate with your colleagues and also ask your question related to this course and the homework. In the tutorial timeslot, you can inform the HiWi to switch to BBB instance (same link as the Homework control BBB instance) in case you want to share the screen to explain a specific issue with the homework. Hinweis: Discord or any propietary communication programs are not allowed to be used for Homework control Oral Exam The dates for the exam will be announced soon. For registration, please contact the secretary Antje Lemke.
|
Start | The first lecture starts on wednesday 28.10.2020 in the exercise time slot. Otherwise, as regular on mondays. The first exercise lecture starts on wednesday 04.11.2020. The first lab (Rechnerübungen) starts on 06.11.2020. |
Attendees | Students of computer science |
Prerequisites | none |
Certificates | Passed oral or written exam as well as sucessfull participation during the exercises. |
Registration | Die Anmeldefrist ist abgelaufen.
Please login to get more information here as a
mitarb
member.
|
Content | Material zur VorlesungThe material is only available to registered attendees. In order to register, you need either an IBR account or a self-activated IBR-y-account. Afterwards you can login to this site (with the function at the top of this page). [ Podcast | Podcast aller Formate | Newsfeed aller Formate ] | Chapter | Slides | BBB | Exercises |
---|
1. Introduction and Overview | | | | 2. Threats and Security Principles | | | | 3. Multics | | | | 4. LSM | | | | 5. Integrity | | | | 6. SELinux | | | | 7. SGX | | | | 8. Security Kernels | | | | 9. VMM | | | |
Material zur ÜbungThe material is only available to registered attendees. In order to register, you need either an IBR account or a self-activated IBR-y-account. Afterwards you can login to this site (with the function at the top of this page). [ Podcast | Podcast aller Formate | Newsfeed aller Formate ] | Chapter | Slides | Exercises |
---|
Paper Analysis 01 | | | 1. Organisation and Intro to Namespaces | | | Paper Analysis 02 | | | Paper Analysis 03 | | | 2. Securing Containers | | | Paper Analysis 04 | | | 3. SGX | | | Paper Analysis 05 | | | Paper Analysis 06 | | |
Lecture- Operating system security mechanisms: protection and access control
- Virtualization and container mechanisms
- Micro kernel architecture
- Trusted computing
- Secure co-processors (i.e. trusted platform module (TPM))
- Modal execution (i.e. ARM TrustZone)
- Trusted execution on commodity platforms (i.e. SGX and SEV)
Based on the Book Operating System Security by Trent Jaeger. Übung Bei Fragen zu den Übungen kontaktiert bitte Mohammad oder Rüdiger. |
Schedule | [ Subscribe Calendar | Download Calendar ] | Date | Description |
---|
28.10.2020, 15:00 | Lecture (in exercise lecture time slot) (BBB) | 02.11.2020, 13:15 | Lecture (BBB) | 04.11.2020, 15:00 | Exercise lecture (BBB) | 09.11.2020, 13:15 | Lecture (BBB) | 16.11.2020, 13:15 | Lecture (BBB) | 23.11.2020, 13:15 | Lecture (BBB) | 30.11.2020, 13:15 | Lecture (BBB) | 01.12.2020, 13:15 | Presentations first exercise (BBB) | 02.12.2020, 15:00 | Exercise lecture (BBB) | 04.12.2020, 15:00 | Presentations first exercise (BBB) | 14.12.2020, 13:15 | Lecture (BBB) | 11.01.2021, 13:15 | Exercise lecture (BBB) | 12.01.2021, 13:15 | Presentations second exercise (BBB) | 13.01.2021, 15:00 | Lecture (canceled) (BBB) | 15.01.2021, 15:00 | Presentations second exercise (BBB) | 18.01.2021, 13:15 | Lecture (BBB) | 25.01.2021, 13:15 | Lecture (BBB) | 01.02.2021, 13:15 | Lecture (BBB) | 08.02.2021, 13:15 | Lecture (BBB) | 09.02.2021, 13:15 | Presentations third exercise (BBB) | 12.02.2021, 15:00 | Presentations third exercise (BBB) |
|
References | Auf Dokumente der ACM Digital Library (http://dl.acm.org/) kann nur aus dem Netz der TU Braunschweig zugegriffen werden. - Intel SGX Programming Reference
- Intel SGX SDK Developer Reference
- AMD SME Whitepaper
- Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, André Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Daniel O'Keeffe, Mark L Stillwell, David Goltzsche, Dave Eyers, Rüdiger Kapitza, Peter Pietzuch and Christof Fetzer: SCONE: Secure Linux Containers with Intel SGX, in 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Savannah, GA, USA, USENIX, January 2016 (arnautov2016scone, BibTeX, Slides)
- Nico Weichbrodt, Anil Kurmus, Peter Pietzuch and Rüdiger Kapitza: AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves, in Proceedings of the 21st European Symposium on Research in Computer Security (ESORICS 2016), 2016 (weichbr16esorics, BibTeX)
- David Goltzsche, Signe Rüsch, Manuel Nieke, Sébastien Vaucher, Nico Weichbrodt, Valerio Schiavoni, Pierre-Louis Aublin, Paolo Costa, Christof Fetzer, Pascal Felber, Peter Pietzuch and Rüdiger Kapitza: EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution, in Proceedings of the 48th International Conference on Dependable Systems and Networks, DSN'18, 2018 (goltzsche2018endbox, DOI, BibTeX, Slides)
|