Many security courses are about how to design your application and configuration to keep your platform secure. This course is the opposite: what can your platform do to make your application secure, and how does it do it?
In this course we will discuss the following main topics, with a focus on Linux:
- Access control
- Containers and other forms of sandboxing
- Mobile platforms
- Hardware features
- Run-time security
week there will be recorded lecture and a programming exercise; these
tie together to form a larger project where you will build a basic
The interactive sessions will be run using Microsoft Teams. Those registered for the course in Oodi will be added to the team before the course starts; if this has not been done by 19.4, then please request access using this link or contact Lachlan Gunn <email@example.com>.
There will be an introductory session at 10.15 on Tuesday 20.4.2021.
In the following weeks, the schedule will be as follows:
On Tuesdays (10.15 to 12.00) there will be an interactive session where you can discuss what you saw in the lectures and ask any questions that you might have about this or the exercise. In addition, we will set aside time during the Tuesday session so that you can start working on the next exercise together with your classmates.
On Thursdays (10.15 to 12.00) there will be an exercise session, where you will review each others' code and present your solutions to the group. Everyone must present a solution at least once during the course, and active participation in these sessions will form a significant part of your course grade.
The course exercises will involve C programming on Linux. We provide a virtual machine template under the Materials tab that you can use to set up an environment to complete the exercises. For this you will need to install
- Virtualbox (available at https://www.virtualbox.org/wiki/Downloads)
- Vagrant (available at https://www.vagrantup.com/downloads)
You can then download the Vagrantfile into a directory on your machine, and run
> vagrant upto bring up a virtual machine. The username and password are both "vagrant".
> vagrant reload