Course Design Document
IS436: Data Security and Privacy
Version 1.0
7 July 2014
SMU School of Information Systems (SIS)
Course: Security and Trust Page 2
Table of Contents
1 Versions History (page 3)
2 Overview of Data Security and Privacy Course (page 3)
  2.1 Synopsis (page 3)
  2.2 Prerequisites (page 3)
  2.3 Objectives (page 3)
  2.4 Basic Modules (page 4)
  2.5 Instructional Staff (page 4)
3 Output and Assessment Summary (page 4)
  Class participation (10%) (page 5)
  Projects (50%) (page 5)
  Final Exam (40%; open book) in week 15 (page 6)
  Grades release schedule (page 6)
4 Group Allocation for Assignments (page 6)
5 Classroom Planning (page 7)
  5.1 Course schedule summary (page 7)
  5.2 Weekly plan (page 8)
6 List of Information Resources and References (page 12)
7 Tooling (page 12)
8 Learning Outcomes, Achievement Methods and Assessment (page 13)
1 Versions History
Version | Description of Changes | Author | Date
V 1.0 | - | Yingjiu Li | 07-07-2014
2 Overview of Data Security and Privacy Course
2.1 Synopsis
This course introduces undergraduate students to fundamental access control techniques that are essential to ensure data security and privacy. The focus of this course is on (A) access control on mobile platforms, and (B) access control on the cloud. The topics covered in the area of access control on mobile platforms include the mobile platform security model, an Android overview, SELinux, and SEAndroid. The topics covered in the area of access control on the cloud include an overview from PKI to ABE, math foundations and IBE, fuzzy IBE, KP-ABE, and CP-ABE.
2.2 Prerequisites
Students should have a good grasp of the fundamentals of information security and privacy (e.g., IS302 Information Security and Trust or equivalent). In addition, students should have basic knowledge of algebra.
2.3 Objectives
Upon finishing the course, students are expected to:
• Understand basic security models, policy language, policy configuration and policy application on SELinux and SEAndroid.
• Know how to customize security policies on Android so as to address common security problems on mobile platforms.
• Understand basic encryption techniques for protecting data on the cloud and enabling flexible access to the protected data.
• Be exposed to emerging and new topics in data security and privacy.
2.4 Basic Modules
Data security & privacy on mobile platforms (6 weeks)
  Mobile platform security model and Android overview (1 week)
  SELinux (3 weeks)
  SEAndroid (1 week)
  Project 1 presentation (1 week)
Data security & privacy on cloud (6 weeks)
  Overview from PKI to ABE (1 week)
  Math foundation and IBE (1 week)
  Fuzzy IBE/Threshold ABE (1 week)
  KP-ABE (1 week)
  CP-ABE (1 week)
  Project 2 presentation (1 week)
2.5 Instructional Staff
Professor: Yingjiu Li
Instructional staff: TBD
Teaching assistants: TBD
3 Output and Assessment Summary
Week | Output | Assessments | Weighting in % | Remarks
1 | Project groups; mobile security model and Android overview | | | Project 1 25% (report 15%, presentation 10%); Project 2 25% (report 15%, presentation 10%)
2 | SELinux | | |
3 | SELinux | | |
4 | SELinux | | |
5 | SEAndroid | | |
6 | Overview from PKI to ABE | | |
7 | Math and IBE | | |
8 | (Recess); work on project 1 | | | Final exam 40%; class participation 10%
9 | Fuzzy IBE | | |
10 | KP-ABE | | |
11 | CP-ABE | | |
12 | Project 1 presentation; work on project 2 | Project 1 presentation | 10 |
13 | Project 2 presentation; work on project reports | Project 2 presentation | 10 |
14 | (Review) | Project reports | 15+15 |
15 | Final exam | Final exam | 40 |
Total | | | 90 | Group weighting 100%
Class participation (10%)
Evaluated by the lecturers based on students' attendance and participation in classroom discussions.
Projects (50%)
There are two group projects, each worth 25%.
Teaming: each team consists of 2-3 members.
References: course material and internet.
Grading (25% per project):
  Presentation 15%: presentation organization 5%, technical description 5%, Q&A 5%
  Project report 10%: breadth 5%, depth 5%
The first group project is on SEAndroid:
  Identify certain problems on existing Android platforms
  Design and implement SEAndroid policies to address the problems
Instructions for the first group project: Identify a security problem on existing Android platforms. The problem must make sense. Design and implement SEAndroid policies to address the problem, and show the effectiveness of the proposed policies (both analytically and through a demo).
Project presentation will be graded on (a) presentation organization, (b) technical description, and (c) questions and answers.
The project report will be graded on (a) breadth/completeness (addressing all relevant issues), and (b) depth (providing in-depth analysis with technical details).
The second group project is on encryption of data on the cloud:
  Identify a specific topic related to IBE, Fuzzy IBE, KP-ABE or CP-ABE
  Survey the recent advancements on the topic and discuss their applications
Instructions for the second project: Read at least 2 published papers on the selected topic. Write a survey paper that covers the following:
  Introduction: motivation, application domain, problem definition
  Summaries of the techniques developed in each paper, clearly highlighting the strengths and weaknesses of each
  A taxonomy of the various techniques if possible
  Discussion on the applications of the techniques developed in each paper
Project presentation will be graded on (a) presentation organization, (b) technical description, and (c) questions and answers.
The report will be graded on (a) understanding of the chosen papers, and (b) critique of the papers.
The presentations of project 1 are scheduled in week 12, and the presentations of project 2 are scheduled in week 13. The final reports are due in week 14.
Final Exam (40%; open book) in week 15
Covers all material taught in class
Short answer questions
Grades release schedule
Participation: at the end of term
Final exam: at the end of term
Group projects: at the end of term
4 Group Allocation for Assignments
Each class is partitioned into multiple teams for the projects. Each team should consist of 2 or 3 members. The students may form their own teams or be assigned to teams randomly.
5 Classroom Planning
Teaching session: 3 hours | Note
Review: 15 minutes |
Motivation: 30 minutes (security problems; motivating examples) | Learning
Technical solutions: 2 hours (settings and steps; discussions) | Learning
Summary: 15 minutes | Learning effect
5.1 Course schedule summary
Wk | Topic (problem) | Classroom: techniques (1.5 hours) | After-class reading and exercise
1 | Overview | Mobile platform security model and Android overview | Group formation
2 | SELinux (model) | From DAC to MAC, SELinux architecture, security model | Work on project 1
3 | SELinux (language) | SELinux policy language | Work on project 1
4 | SELinux (application) | SELinux policy application, configuration, customization | Work on project 1
5 | SEAndroid | Challenges, implementation, and case analysis | Work on project 1
6 | Overview from PKI to ABE | Introduction to PKI, IBE, Fuzzy IBE, KP-ABE, and CP-ABE | Work on project 2
7 | Math foundation and IBE | Abstract algebra, bilinear maps, IBE setup, IBE encryption, IBE decryption | Work on project 2
8 | Recess | No class | Work on project 1
9 | Fuzzy IBE/Threshold ABE | Fuzzy IBE/threshold ABE setup, encryption, decryption, and application | Work on project 2
10 | KP-ABE | KP-ABE setup, encryption, decryption, and application | Work on project 2
11 | CP-ABE | CP-ABE setup, encryption, decryption, and application | Work on project 2
12 | Project 1 presentation | Presentations of all groups | Work on project 2
13 | Project 2 presentation | Presentations of all groups | Work on project reports
14 | Review | No class | Review, Q&A
15 | Final exam | Final exam (open book) |
5.2 Weekly plan
Week: 1
Session 1:
Introduction to the course
Mobile platform security model
Session 2:
Android overview
Project 1 and project team formation
Reference:
Asokan, et al.: Mobile Platform Security, Morgan & Claypool, 2014.
Things to ensure:
Course material is available for download from the course web site
Students form teams for projects
Week: 2
Session 1:
Access control models: from DAC to MAC
SELinux architecture and security model
Session 2:
SELinux policy language: TE statements
Reference:
Stephen Smalley: Configuring the SELinux Policy, NSA Technical Report, 2005.
Things to ensure:
Clarify the advantages and disadvantages of different security models
Students know how to explain and compose TE statements in SELinux
Week: 3
Session 1:
SELinux policy language: TE statements
RBAC statements
Session 2:
User declaration, constraint definition
Security context specifications, file contexts configuration
Reference:
Stephen Smalley: Configuring the SELinux Policy, NSA Technical Report, 2005
Things to ensure:
Students know how to explain and compose SELinux policy
Week: 4
Session 1:
Applying security policy
Configuration files for security-aware apps
Customizing policy
Session 2:
Meeting security objectives
Reference:
Stephen Smalley: Configuring the SELinux Policy, NSA Technical Report, 2005
Things to ensure:
Students understand how to apply, configure, and customize SELinux security policy
Students know how to design security policies to meet security objectives
Week: 5
Session 1:
Challenges of using SELinux in Android
SEAndroid implementation: Kernel support
Session 2:
SEAndroid implementation: Userspace support
SEAndroid implementation: policy configuration
SEAndroid case analysis
Reference:
Stephen Smalley, Robert Craig: Security Enhanced (SE) Android: Bringing Flexible MAC to Android, NDSS 2013.
Things to ensure:
Students understand the challenges of using SELinux in Android and know how to address the challenges in SEAndroid
Students know how to implement SEAndroid
Students understand how to use SEAndroid to achieve security objectives
Week: 6
Session 1:
PKI issues
Introduction to IBE
Session 2:
Introduction to fuzzy IBE
Introduction to ABE
Project 2
Reference:
Rong-Jaye Chen: Attribute-Based Encryption
Things to ensure:
Understand the issues of PKI
Know the basic ideas of IBE, fuzzy IBE, and ABE
Week: 7
Session 1:
Abstract algebra: group, ring, field
Bilinear maps
Session 2:
IBE setup
IBE encryption
IBE decryption
Reference:
Sahai and Waters: IBE, Eurocrypt 2005
John Bethencourt: Intro to Bilinear Maps www.upl.cs.wisc.edu/~bethenco/bilinear_maps.pdf
Things to ensure:
Understand the math foundations of abstract algebra and bilinear maps
Understand the processes of IBE
Week: 8 (Recess week: no class)
Session 1:
Session 2:
Reference:
Things to ensure:
Week: 9
Session 1:
Fuzzy IBE/threshold ABE motivation
Fuzzy IBE setup, encryption, and decryption
Session 2:
Security of fuzzy IBE
Application of fuzzy IBE
Reference:
Things to ensure:
Understand the processes of fuzzy IBE
Understand why fuzzy IBE is secure and how to apply it
Week: 10
Session 1:
KP-ABE motivation
KP-ABE setup
Session 2:
KP-ABE encryption and decryption
KP-ABE security and application
Reference:
Goyal, Pandey, Sahai, Waters: KP-ABE, CCS 2006
Things to ensure:
Understand the processes of KP-ABE
Understand why KP-ABE is secure and how to apply it
Week: 11
Session 1:
CP-ABE motivation
CP-ABE setup
Session 2:
CP-ABE encryption and decryption
CP-ABE security and application
Reference:
Bethencourt, Sahai, Waters: CP-ABE, Oakland 2007
Things to ensure:
Understand the processes of CP-ABE
Understand why CP-ABE is secure and how to apply it
Week: 12
Session 1:
Presentation of project 1
Session 2:
Presentation of project 1
Reference:
Things to ensure:
All groups present how to use SEAndroid to address security problems on Android platforms
Week: 13 (project presentation and demo: teams 6-10)
Session 1:
Presentation of project 2
Session 2:
Presentation of project 2
Reference:
Things to ensure:
Be exposed to emerging and new topics in IBE, fuzzy IBE, KP-ABE and CP-ABE
Week: 14 (review week: no class)
Session 1:
Session 2:
Reference:
Things to ensure:
Project report is due
Week: 15 (exam week: no class)
Session 1:
Session 2:
Reference:
Things to ensure:
Final exam
6 List of Information Resources and References
• Asokan, et al.: Mobile Platform Security, Morgan & Claypool, 2014.
• Stephen Smalley: Configuring the SELinux Policy, NSA Technical Report, 2005.
• Peter Loscocco, Stephen Smalley: Meeting Critical Security Objectives with Security-Enhanced Linux, In proceedings of Ottawa Linux Symposium, 2001.
• Stephen Smalley, Robert Craig: Security Enhanced (SE) Android: Bringing Flexible MAC to Android, NDSS 2013.
• Frank Mayer, Karl MacMillan, David Caplan: SELinux by Example, Prentice Hall, 2007.
• Rong-Jaye Chen: Attribute-Based Encryption, http://people.cs.nctu.edu.tw/~rjchen/ECC2012S/ABE_Litin.ppt
• Sahai and Waters: IBE, Eurocrypt 2005.
• John Bethencourt: Intro to Bilinear Maps, www.upl.cs.wisc.edu/~bethenco/bilinear_maps.pdf
• Goyal, Pandey, Sahai, Waters: KP-ABE, CCS 2006.
• Bethencourt, Sahai, Waters: CP-ABE, Oakland 2007.
Other reading material and reference websites are available in the course slides
7 Tooling
Tool | Description | Remarks
SEAndroid (including SEAndroid Emulator) | A set of tools enabling the use of SELinux in Android | Project 1
8 Learning Outcomes, Achievement Methods and Assessment
IS302 - Information Security and Trust
Columns: Outcome | Coverage (Y / YY) | Course-specific core competencies which address the Outcomes | Faculty Methods to Assess Outcomes

1 Integration of business & technology in a sector context
1.1 Business IT value linkage skills (YY)
Competencies: Understand the advantages and disadvantages of different security models on mobile platforms and cloud. Be able to explain, configure, apply, customize, and compose security policies on SELinux and SEAndroid. Design security policies to meet security objectives on mobile platforms. Understand the processes of different encryption schemes on cloud. Know how to choose appropriate encryption schemes in various cloud applications.
Assessment: Classroom interactions; grade and give feedback to group projects.
Ability to understand & analyze the linkages between:
a) Business strategy and business value creation
b) Business strategy and information strategy
c) Information strategy and technology strategy (YY)
d) Business strategy and business processes
e) Business processes or information strategy or technology strategy and IT solutions
1.2 Cost and benefits analysis skills
Ability to understand and analyze:
a) Costs and benefits analysis of the project
1.3 Business software solution impact analysis skills
Ability to understand and analyze:
a) How business software applications impact the enterprise within a particular industry sector.
2 IT architecture, design and development skills
2.1 System requirements specification skills (Y)
Competencies: Identify the security requirements for mobile platforms and cloud applications. Design security policies to protect mobile platforms. Choose appropriate encryption schemes to protect cloud data and enable flexible access control.
Assessment: Classroom interactions and projects.
Ability to:
a) Elicit and understand functional requirements from customer (Y)
b) Identify non-functional requirements (performance, availability, reliability, security, usability etc.) (Y)
c) Analyze and document business processes
2.2 Software and IT architecture analysis and design skills (Y)
Competencies: Analyze the security issues of mobile platforms and apply SEAndroid policy to address the security issues. Analyze the security of different cloud encryption schemes. Choose and customize cloud encryption schemes in cloud applications.
Assessment: Project 1 and project 2.
Ability to:
a) Analyze functional and non-functional requirements to produce a system architecture that meets those requirements. (Y)
b) Understand and apply process and methodology in building the application (Y)
c) Create design models using known design principles (e.g. layering) and from various view points (logical, physical etc.) (Y)
d) Explain and justify all the design choices and tradeoffs done during the application's development (Y)
2.3 Implementation skills (Y)
Competencies: Use SEAndroid tools to design and implement security policies so as to meet specific security objectives.
Assessment: Project 1.
Ability to:
a) Realize coding from design and vice versa (Y)
b) Learn / practice one programming language (Y)
c) Integrate different applications (developed application, COTS software, legacy application etc.)
d) Use tools for testing, integration and deployment (Y)
2.4 Technology application skills (Y)
Competencies: Understand and know how to use Android security policy to meet security objectives, and how to choose encryption schemes in cloud applications.
Assessment: Project 1 and project 2.
Ability to:
a) Understand, select and use appropriate technology building blocks when developing an enterprise solution (security, middleware, network, IDE, ERP, CRM, SCM etc.) (Y)
3 Project management skills
3.1 Scope management skills
Ability to:
a) Identify and manage trade-offs on scope/cost/quality/time
b) Document and manage changing requirements
3.2 Risks management skills
Ability to:
a) Identify, prioritize, mitigate and document project's risks
b) Constantly monitor project risks as part of project monitoring
3.3 Project integration and time management skills
Ability to:
a) Establish WBS, time & effort estimates, resource allocation, scheduling etc.
b) Practice in planning using methods and tools (Microsoft Project, Gantt chart etc.)
c) Develop / execute a project plan and maintain it
3.4 Configuration management skills
Ability to:
a) Understand concepts of configuration management and change control
3.5 Quality management skills
Ability to:
a) Understand the concepts of Quality Assurance and Quality Control (test plan, test cases ...)
4 Learning to learn skills (Y)
Competencies: Identify a specific topic related to IBE, Fuzzy IBE, KP-ABE or CP-ABE; survey the recent advancements on the topic and discuss their applications.
Assessment: Project 2.
4.1 Search skills (Y)
Ability to:
a) Search for information efficiently and effectively
4.2 Skills for developing a methodology for learning
Ability to:
a) Develop learning heuristics in order to acquire new knowledge skills (focus on HOW to learn versus WHAT to learn).
b) Abide by appropriate legal, professional and ethical practices for using and citing the intellectual property of others
5 Collaboration (or team) skills:
5.1 Skills to improve the effectiveness of group processes (Y)
Competencies: Effectively communicate and resolve conflicts while working in a team.
Assessment: Grade and give feedback to projects and work products.
Ability to develop:
a) Leadership skills
b) Communication skills
c) Consensus and conflict resolution skills
6 Change management skills for enterprise systems
6.1 Skills to diagnose business changes
Ability to:
a) Understand the organizational problem or need for change (e.g. analyze existing business processes or "as-is process")
6.2 Skills to implement and sustain business changes
Ability to:
a) Implement the change (e.g. advertise / communicate the need for change etc.) and to sustain the change over time
7 Skills for working across countries, cultures and borders
7.1 Cross-national awareness skills
Ability to:
a) Develop cross-national understandings of culture, institutions (e.g. law), language etc.
7.2 Business across countries facilitation skills
Ability to:
a) Communicate across countries
b) Adapt negotiation and conflict resolution techniques to a multicultural environment
8 Communication skills
8.1 Presentation skills (Y)
Competencies: Prepare and deliver effective presentations on two different projects.
Assessment: Grade and give feedback to projects.
Ability to:
a) Provide an effective and efficient presentation on a specified topic. (Y)
8.2 Writing skills (Y)
Competencies: Write a survey report on the recent advancements of IBE, fuzzy IBE, KP-ABE, or CP-ABE.
Assessment: Provide feedback and suggestions to students' writings.
Ability to:
a) Provide documentation understandable by users (requirements specifications, risks management plan, assumptions, constraints, architecture choices, design choices etc.)
Legend:
Y: This sub-skill is covered partially by the course
YY: This sub-skill is a main focus for this course