VVZ API is not affiliated with ETH Zurich. Data might be outdated or incorrect. Please view the official ETHZ Vorlesungsverzeichnis for binding information.

251-1414-00L 6 Credits BSC , DS , MSC D-ITET , D-INFK

System Security

Lecturers & Examiners: Dr. Germano Caronni, Dr. Nathalie Weiler, Prof. Dr. Srdjan Capkun

VVZ CR n/a

Last Updated: 2026-02-05 15:29:33

Abstract

Objective

In this lecture, students learn about the security requirements and capabilities that are expected from modern hardware, operating systems and other software environments. An overview of available technologies, algorithms and standards is given, with which these requirements can be met.

Content

The first part of the lecture covers individual system's aspects starting with tamperproof or tamperresistant hardware in general over operating system related security mechanisms to application software systems such as host based intrusion detetction systems. The main topics covered are: tamper resistant hardware, CPU support for security, protection mechanisms in the kernel, file system security (permissions / ACLs / network filesystem issues), IPC Security, mechanisms in more modern OS, such as Capabilities and Zones, Libraries and Software tools for security assurance, etc. In the second part, the focus is on system design and methodologies for large projects. The main question answered is how to get a large secure system. Topics include: patch management, common software faults (buffer overflows, etc.), writing secure software (design, architecture, QA, testing), compiler-supported security, langauge-supported security (java...), logging and auditing (BSM audit, dtrace, ...), cryptographic support, TCG, secure file systems, dos/windows/ windowsXP security issues. Along the lectures, model cases will be elaborated and evaluated in the exercises.

General Information

Language: English
Levels: BSC , DS , MSC
Frequency: Yearly recurring

Examination

Type: end-of-semester examination

Course Components