Paper for October 8: CCCP – Secure Remote Storage for Computational RFIDs

September 19th, 2009 by Kirti Chawla

CCCP: Secure Remote Storage for Computational RFIDs By Mastooreh Salajegheh, Shane Clark, Benjamin Ransford, Kevin Fu, and Ari Juels. In Proceedings of USENIX Security 2009.

Project Mini-Proposals: Due Sept 25

September 16th, 2009 by David Evans

Project mini-proposals are due Friday, 25 September. Your mini-proposal should describe the question you intend to answer, and why it is interesting. Submit your mini-proposal by email to as a PDF or plain text.

In next week’s classes, you will have a chance to form project teams and get feedback from the students on your project ideas. I will be out-of-town all next week, but reachable by email if you have any questions.

Overshadow Response

September 15th, 2009 by mdeighan

Overshadow response slides

Paper for 17 September: Hey, You, Get Off of My Cloud

September 8th, 2009 by chih-hao

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds by By Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage. In Proceedings of CCS 2009. ACM Press, Nov. 2009. [PDF]

Paper for 10 September: Unidirectional Key Distribution

August 27th, 2009 by David Evans

Unidirectional Key Distribution Across Time and Space with Applications to RFID Security by Ari Juels, Ravikanth Pappu, and Bryan Parno. USENIX Security Symposium 2008.

Presentation Schedule

August 27th, 2009 by David Evans

The updated presentation schedule is here. I have changed some things from the
signup sheet to try to balance things better.

Paper for 3 September: Vanish

August 25th, 2009 by David Evans

Vanish: Increasing Data Privacy with Self-Destructing Data by Roxana Geambasu, Tadayoshi Kohno, Amit Levy, Henry M. Levy. USENIX Security Symposium, August 2009. [PDF] [Project Site]

Paper for 27 August: Overshadow

August 25th, 2009 by David Evans

Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems by Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger, Dan Boneh, Jeffrey Dwoskin, and Dan R. K. Ports. In Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS ‘08), March 2008. [PDF]

Course Announcement

August 25th, 2009 by David Evans

Course Description: This special topics course is a research seminar in computer security. The course will focus on active research areas in computer security, but the specific topics will be largely determined by the interests of the students.

Meetings: Tuesdays and Thursdays, 3:30-4:45pm in Thorton Hall D222.

Coordinator: David Evans

Expected Background: Students in the seminar are expected to have enough background in theory, cryptography, operating systems, security, and networks to be able to understand research papers from security conferences. Students lacking relevant background will need to supplement the seminar readings with additional material.

All students are expected to read and think about all of the assigned readings. Each student will be expected to present and lead the discussion a few times during the semester.  The other major requirement is to complete a substantial research project. See for more  details.

Format: The planned format for most seminar meetings will involve in-depth discussions of selected research papers. At the beginning of the meeting, students will be randomly selected to answer one of the core questions: (1) what problem is the work attempting to solve?, (2) what are the major contributions of the work?, (3) what is the key claimed result?. After these questions have been satisfactorily answered, the scheduled discussion leader will present
the paper and lead a discussion that goes into some technical depth on the work. For most papers, we will have a second seminar meeting that follows up on the original presentation. The student assigned to lead the second meeting is responsible for addressing unresolved questions at the first meeting, and for finding and presenting other works that
relate to original paper.

Topics: Papers may be selected from any area of active security research. Examples of possible topics include binary analysis, botnets, cloud computing, privacy-preserving systms, TPMs, and virtual machines.