Rennes, track 3: Information and Computing Infrastructure Security
Today, states, companies and individuals are more and more dependent on computers. Connected in networks, computers have literally invaded every aspect of human activity. In such an environment, some major concerns include how to authenticate users, to control their access to machines and services, to guarantee the availability of these machines and services, and to ensure confidentiality and integrity of information. The answer essentially lies in the capacity to define and implement security policies; it is then important to consider that flaws are always possible and to monitor systems in order to detect possible exploitation of these flaws (intrusion detection).
The goal of this track is, on the one hand, to give students a global view of the security domain, explaining concepts but also the relations between them; on the other hand, to give a deep knowledge and understanding of the following essential subdomains: security policies, cryptography, software security, availability, digital rights management and access control, and intrusion detection.
Our syllabus is composed of five 20h units.
Expressing a security policy is an essential step when designing an information system that has to face confidentiality, integrity and availability constraints. The course entitled “Security policy and properties” (PPS) proposes a formal and rigorous point of view to express a global and coherent security policy. We will distinguish the requirements in terms of access control, usage control and flow control; hence, we will present several formal models that are suitable to express these requirements. Strategies to deploy these security requirements in a real information system will be presented, in particular for the cases of operating systems and database management.
Cryptography is also a fundamental tool for achieving security, mainly through confidentiality, integrity and authentication mechanisms.
- The course entitled “Cryptography, and cryptographic protocols” (CRY) deals with the main principles of modern cryptography, giving its limits and discussing its use in real life. Then, cryptographic protocols are introduced, as well as some attacks they have to face. Finally, this course will explain how to prove cryptographic protocols, focusing on the model-checking approach, then showing how some attacks may be detected and prevented.
- The course entitled “Software security” (SDL) concerns the fundamental notions of the semantic analysis of programs (operational semantics, abstract interpretation, types) and shows how these notions can be used to prevent software vulnerabilities, focusing on the case of embedded software. This course also presents the virology domain: auto-reproducing functions, anti-viral functions, detection techniques through shape or behavior analysis.
- The course entitled “Availability/Content protection” (DPC) is actually composed of two half-courses. The first one deals with availability, which is one of the major aspects of dependability, focusing on the design and use of redundancy mechanisms to face accidental or malicious faults. Software solutions that may ensure the availability of a critical service accessed by external users will be presented. Fault tolerance mechanisms are analyzed through their global architecture as well as through the fundamental algorithmic problems we have to solve. The part dedicated to content protection will deal with the mechanisms that help to manage documents during their distribution and use: access control, digital rights management tools, traitor tracing and digital watermarking. The goal is to present the fundamental tools on which the solutions are based, as well as their limits and the related open problems.
- Classical security approaches, as presented in the four previous courses, are preventive approaches, their goal being to prevent an illegal use of a resource (computation power, data, ...). Such approaches are of course essential, but have to be complemented by a reactive one, to deal with potential attacks or intrusions.
- The course entitled “Intrusion detection and survivability” (DIS) deals with this concept of reactive security, presenting tools that make it possible to detect unusual behaviors or violations of security properties, and to supervise the security of the information system. The goal of this course is to present intrusion detection and supervision models, their limits and the related open problems. The second part of the course is entirely dedicated to the study of mechanisms that ensure the survivability of communication networks in the presence of attacks.
Teachers will come from international institutions (CNRS, INRIA, Télécom Bretagne, Supélec, Technicolor and the University of Rennes 1) and are well-known researchers and specialists of the domain.
List of the 5 course units of this track: