Lecture Time/Location
Thursday 4:30pm–7:20pm, Lecture Center 3A
Instructor
Amir Masoumzadeh (amasoumzadeh@albany.edu)
  • Office Hours: TBA, UAB 422 and Zoom (link on Brightspace)

Course Overview

This course examines the security and privacy considerations in the design and development of software systems. The focus is on the design, implementation, and testing of security and privacy mechanisms that protect data and applications. Topics include security design principles, threat models, authorization models, software vulnerability analysis, differential privacy, federated learning, and machine learning for security. The course readings are selected from foundational and recent research in the area. The assignments provide students with hands-on experience by incorporating open-source tools and frameworks. Students will also engage in a semester-long team project in the context of web-based software systems.

Prerequisites

There are no formal prerequisites for this course. Familiarity with web technologies and web-based software development is helpful. Any necessary background will be briefly reviewed during the course.

Readings

The readings will include book chapters, research papers, and framework documentation. All reading materials are either freely available or accessible using the university’s network.

Communication and Submissions

The course syllabus and schedule are available on the course webpage. Most of the tasks in this class will be handled via the course GitHub organization, including the distribution of notes, assignments, assignment submission, and feedback.

Assessment and Grading

You will be assessed based on the following:

Assignments (30%)
You will work on about 3 hands-on assignments in teams. The purpose of the assignments is to gain hands-on experience and develop a deeper understanding of what we review in class.
Paper Presentation and Discussion Participation (20%)
You will choose a few research papers from the schedule and prepare a 30-minute conference-style presentation of the work. After each presentation, you are expected to engage the class in a productive discussion on the topic at hand. Other students are expected to actively engage during the presentations and the discussions afterwards.
Team Project (50%)
You will work on a semester-long team project involving the design and development of a defense mechanism, an analysis tool, or a measurement study. The projects are expected to have some level of novelty and contributions in theory/application of security and privacy concepts. By the end of the semester you will prepare a conference-style paper reporting on your methodology and results, and present it to the class. You will be graded on intermediary updates and the final paper/presentation.

The course is A-E graded. Conversion from the final numerical grade to the letter grade is based on cutoffs determined according to the grade distribution in the class. This results in more flexible and favorable grades compared to using a fixed conversion scale.

Schedule

The following schedule is tentative and will be regularly updated. It is your responsibility to check the schedule regularly. The plus sign (+) means optional reading.

Day Topic/Readings/Assignment
Jan23 Course Overview; Security Services, Threats, and Design Principles
Jan30 Threat Modeling
Readings:
  • Shellsharks, A Threat Modeling Field Guide
  • A. Shostack, Threat Modeling: Designing for Security - Chapter 1 and Chapter 2 (Skip the first two sections)
Assignment: Threat Modeling Tools
Feb06 Authorization Models: RBAC and ABAC
Readings:
  • R. S. Sandhu, D. Ferraiolo, and R. Kuhn, “The NIST Model for Role-Based Access Control: Towards A Unified Standard,” in 5th ACM Workshop on Role Based Access Control, 2000, pp. 47–63. doi: 10.1145/344287.344301.
  • K. Fisler, L. A. Meyerovich, M. C. Tschantz, and S. Krishnamurthi, “Verification and change-impact analysis of access-control policies,” in Proceedings of the 27th international conference on Software engineering, 2005, pp. 196–205. doi: 10.1145/1062455.1062502.
Assignment: XACML
Feb13 Authorization Models: ReBAC
Readings:
  • G. Bruns, P. Fong, I. Siahaan, and M. Huth, “Relationship-based Access Control: Its Expression and Enforcement Through Hybrid Logic,” in Proceedings of the Second ACM Conference on Data and Application Security and Privacy, in CODASPY ’12, 2012, pp. 117–124. doi: 10.1145/2133601.2133616.
  • R. Pang et al., “Zanzibar: Google’s Consistent, Global Authorization System,” presented at the 2019 USENIX Annual Technical Conference (USENIX ATC 19), 2019, pp. 33–46.
Assignment: OpenFGA, Cedar
Feb20 Distributed Authentication and Authorization
Readings:
  • E. Y. Chen, Y. Pei, S. Chen, Y. Tian, R. Kotcher, and P. Tague, “OAuth Demystified for Mobile Application Developers,” in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, in CCS ’14, 2014, pp. 892–903. doi: 10.1145/2660267.2660323.
  • J. Somorovsky, A. Mayer, J. Schwenk, M. Kampmann, and M. Jensen, “On Breaking SAML: Be Whoever You Want to Be,” presented at the 21st USENIX Security Symposium, 2012, pp. 397–412.
  • C. Mainka, V. Mladenov, J. Schwenk, and T. Wich, “SoK: Single Sign-On Security — An Evaluation of OpenID Connect,” in 2017 IEEE European Symposium on Security and Privacy (EuroS&P), 2017, pp. 251–266. doi: 10.1109/EuroSP.2017.32.
Assignment: SAML, OAuth
Feb27 Authorization Frameworks. Project Proposal
Mar06 Static Analysis
Readings:
  • M. Christodorescu and S. Jha, “Static Analysis of Executables to Detect Malicious Patterns,” presented at the 12th USENIX Security Symposium (USENIX Security 03), 2003.
  • F. E. Allen, “Control flow analysis,” SIGPLAN Not., vol. 5, no. 7, pp. 1–19, Jul. 1970, doi: 10.1145/390013.808479.
Mar13 Dynamic Analysis
Readings:
  • E. J. Schwartz, T. Avgerinos, and D. Brumley, “All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask),” in 2010 IEEE Symposium on Security and Privacy, IEEE, 2010, pp. 317–331. doi: 10.1109/SP.2010.26.
Mar20 No Class (Spring Break)
Mar27 Project Progress Presentation
Apr03 Data (De-)Anonymization
Readings:
  • N. Li, T. Li, and S. Venkatasubramanian, “t-Closeness: Privacy Beyond k-Anonymity and l-Diversity,” in IEEE 23rd International Conference on Data Engineering (ICDE 2007): IEEE, 2007, pp. 106–115. doi: 10.1109/ICDE.2007.367856.
  • A. Narayanan and V. Shmatikov, “Robust De-anonymization of Large Sparse Datasets,” in 2008 IEEE Symposium on Security and Privacy, 2008, pp. 111–125. doi: 10.1109/SP.2008.33.
Apr10 Differential Privacy
Readings:
  • C. Dwork, “Differential privacy,” in Automata, languages and programming, 2006.
  • D. Su, J. Cao, N. Li, E. Bertino, and H. Jin, “Differentially Private K-Means Clustering,” in Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy (CODASPY ’16), 2016, pp. 26–37. doi: 10.1145/2857705.2857708.
  • C. Dwork, N. Kohli, and D. Mulligan, “Differential Privacy in Practice: Expose your Epsilons!,” Journal of Privacy and Confidentiality, vol. 9, no. 2, Oct. 2019, doi: 10.29012/jpc.689.
Apr17 Federated Learning
Readings:
  • Q. Yang, Y. Liu, T. Chen, and Y. Tong, “Federated Machine Learning: Concept and Applications,” ACM Transactions on Intelligent Systems and Technology (TIST), vol. 10, no. 2, p. 12:1-12:19, Jan. 2019, doi: 10.1145/3298981.
  • H. Wang, D. Eklund, A. Oprea, and S. Raza, “FL4IoT: IoT Device Fingerprinting and Identification Using Federated Learning,” ACM Transactions on Internet of Things, vol. 4, no. 3, p. 17:1-17:24, Jul. 2023, doi: 10.1145/3603257.
Apr24 Guardrails for Large Language Models
Readings:
  • Z. Yuan et al., “RigorLLM: resilient guardrails for large language models against undesired content,” in Proceedings of the 41st International Conference on Machine Learning, in ICML’24, vol. 235. Vienna, Austria: JMLR.org, Jul. 2024, pp. 57953–57965.
Apr30 Showcase Day
May01 Project Presentation

Policies

No Late Submission (Except One Assignment)
Assignments will be released at least two weeks before their due date. You are highly recommended to study an assignment as soon as it becomes available. There will be ample opportunities to benefit from office hours and communication with the instructional team before the due date. Assignments are due at 11:59pm on the day of their deadline. Submissions after the due time will receive no points. However, in order to account for unforeseen situations, you can request to submit only one assignment late. In order for your late assignment to be graded, you must email the instructor to request a late submission before the deadline. You should note that a late-submission request may not always be accepted (e.g., when the solutions need to be discussed in class immediately after a submission). Therefore, you are recommended to submit a version of your solution before the deadline if your request has not been reviewed yet. You have up to 3 days to submit after the deadline if your late-submission request is approved. Note that you only have one such opportunity during the semester. Therefore, it is advised to leave that option for truly critical situations. In the case of a team assignment, a late submission is considered for all team members.
Review of Grades
Any issue regarding your grade in a specific assignment must be communicated to us no later than 5 business days after the posting day of the grades. There will be no re-grading after the 5-day period has passed.
Attending Classes
Class attendance is required for successful completion of this course.
Academic Integrity
It is every student’s responsibility to become familiar with the standards of academic integrity at the University. Claims of ignorance, of unintentional error, or of academic or personal pressures are not sufficient reasons for violations of academic integrity. Any incident of academic dishonesty can result in a zero grade for the affected course component and a report sent to the appropriate University authorities (e.g., Dean of Undergraduate Education or Graduate Studies). Repeated violations will result in a failing grade for the course.

For all assignments, you must submit your own work, except where collaboration is explicitly permitted or required. Providing your solutions to others or copying even parts of a solution is considered plagiarism. In projects/papers, you must properly cite any resources from which you borrow ideas and clearly distinguish them from your contributions.

Use of Electronic Devices
Computers or other electronic devices may only be used during class for note-taking, in-class exercises, or other class-related activities. You are not allowed to perform any unrelated tasks during class.
Students with Disabilities
Reasonable accommodation will be provided for students with documented disabilities. If you believe you have a disability requiring accommodation in this class, please notify the Disability Access and Inclusion Student Services (DAISS) (Campus Center 130, 518-442-5501). That office will provide me with verification of your disability, and will recommend appropriate accommodations. In general, it is your responsibility to contact me at least one week before the relevant activity to make arrangements.
Health and Well-Being
Your physical and mental health is very important. The university has several health services when you need them. In particular, Counseling and Psychological Services (CAPS) provides free, confidential services including psychological counseling and evaluation for emotional, social, and academic concerns.

If your life or someone else’s life is in danger, please call 911. If you are in a crisis and need help right away, please call the National Suicide Prevention Lifeline at 1-800-273-TALK (8255). Students dealing with heightened feelings of sadness or hopelessness, increased anxiety, or thoughts of suicide may also text “GOT5” to 741741 (Crisis Text Line).