Platforms and programs
This academic paper introduces fundamental patterns for combining
components, which appear in some form in the systems we study. It is
a little abstract and has a software engineering flavor, but it is
worth your time.
Foundations: Unix/Linux and the machine
We study the basics of the Unix/Linux operating system. This material is
important for Project 1 (heap manager and shell).
Chrome and Android
As a counterpoint to Unix, and to illustrate the enduring importance of the Unix abstractions,
we take a quick look at modern client-side platforms for application delivery, based on material
made available by Google.
The Chrome browser architecture
makes interesting use of OS process abstractions and introduces some
concepts in information security.
Android is an open-source operating system layered on the Linux kernel, and
provides an operating system framework for personal devices (e.g.,
smartphones and tablets). Android uses Linux kernel abstractions in an interesting
way, and replaces the programming environment (shell etc.) with a Java-based
application framework based on modern abstractions for components, component interactions, and
lifecycle management.
- Android security architecture. This site follows the class discussion, and also has pointers into developer guides for overviews of the Android permission model and the four key component classes: activities, services, receivers, and providers. This material is in scope at the overview level discussed in classes and in the class slides. The following material is out of scope: other pointers in the security document, details of the component classes, details of the binder, memory management extensions, and Digital Rights Management.
- Optional: Anatomy and physiology of Android
Networking with sockets and secure communication
The Unix socket abstraction was introduced in the early 1980s and is the basis for most networking software. This unit is a quick introduction to sockets, clients and servers, SaaS, web request/response and URLs, and the basics of secure communication: digests, symmetric and asymmetric crypto, digital signatures, and secure transport (SSL/TLS/HTTPS). Students should understand basic elements and functions at the API level, e.g., as in the java.net classes InetAddress, Socket, ServerSocket, and URLConnection, and the 'top half' security classes Signature, MessageDigest, SSLSocket, Cipher, Key, and Certificate. We discuss examples of how these primitives are used in basic cryptosystems: PKI certificate hierarchy, nonces, HTTPS, code signing, and password digest authentication. We are concerned with concepts and not the details of the class interfaces or implementations.
Optional background reading:
Virtual machines and the Cloud
Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) as examples of OS platforms.
The virtual machine (VM) abstraction and structure: hypervisors. Overview of hardware support for virtual machines: a simplified view of protection rings. Virtual appliances as VM programs. IaaS cloud abstractions (EC2). Elastic scaling of cloud-hosted services.
Network infrastructure as a service.
Optional background reading:
Malware, Trust, and Integrity
How do we know if we can trust the programs we run? We discuss vulnerabilities to
Trojan horses and other forms of attack. Code signing. Managing permissions.
Midterm
Threads and concurrency