Software security seminar

From PublicWiki
Revision as of 18:27, 3 December 2004 (Week 5: law intro: economic legal philosophy)


Notes for soctech seminar planning, Winter 2005

Making secure software: technical and legal solutions (and policy and business if we want to go there).

Schedule details

week-by-week breakdown

Week 1: tech intro: thinking about computer security

  • Presenter: Keunwoo
  • Topics:
    • What is this course about, and why are we here?
    • Basic security concepts (threat models, cost/safety tradeoffs)
    • Fundamental computing technology topics: operating systems, programming systems.
  • Pre-reading: none; Keunwoo will present slides.
  • Post-reading: Lessig, Code and Other Laws of Cyberspace, ch. 7

Week 2: tech intro: software quality and security

  • Presenter: Keunwoo?
  • Topics: what is software quality? how do people measure it? how does this apply to security?
  • Reading: (I am asking some software engineering people for a good overview of software quality.)

Week 3: technical aspects of improving computer systems

  • Presenter: Keunwoo?
  • Topics: technologies that can improve computer systems: languages; analysis tools; testing; runtime systems/operating systems; ad hoc technical measures; software development methodologies; HCI issues
  • Reading: Handouts prepared by Keunwoo; also, Schneier, Secrets and Lies ch. 8-10?

Week 4: law boot camp: tort, contract & property

  • Presenter: Ben
  • Topics: Basically, the first year of law school in 50 minutes...
  • Readings: TBD

Week 5: a conceptual model: the law and economics view

  • Presenter: Ben?
  • Topics: economic analysis of law; property, contract and torts recast; the Coase theorem; ...
  • Readings: selections from Posner, Economic Analysis of Law and/or Calabresi & Melamed, "Property Rules, Liability Rules and Inalienability: One View of the Cathedral"

Week 6: vendor liability

  • Presenter: ?

Week 7: certification processes: products, processes, people

Week 8: criminal law approaches?

  • Presenter: ?

Week 9: public policy approaches

  • Presenter: ?
  • Topic: does gov't have any role in directly intervening in computer security?
    • funding basic research?
    • subsidizing development or deployment of security products?
    • etc.
  • Readings:
    • Lazowska 590tu lecture from 12/02/04 (require people to watch online beforehand)
    • other?

Week 10: quality of information in the security market

  • Presenter: ?
  • Readings: John Michener, Steven Mohan, James Astrachan, David Hale. Snake-oil Security Claims: the Systematic Misrepresentation of Product Security in the E-commerce Arena [1]

Past courses to mine for useful content

Floating readings

These are readings that haven't been matched to a date yet.

Resources to mine for other readings

Other notes

Technical discussion

We'd want to start off with a briefing/discussion on the technical issues, led by a computer scientist volunteer or one of us. This means talking about the trouble computer scientists have (a) writing secure software and (b) determining whether a piece of software is secure. Questions to be discussed and explained would be:

  • Why is writing secure software so hard? (Software is complex; a single tiny vulnerability can hide in a sea of code millions of lines long.)
  • Computer scientists can't tell for sure whether their software is secure for anything larger than the tiniest programs. So what CAN we do to evaluate how secure a piece of software is? What proxies for security do we measure (SE practices, results of static analysis, security features in the spec)? This seems necessary to cover for any discussion of legal liability, i.e., how we assign blame for bad software: we can at least ask whether the vendor did everything reasonably available to verify that its software was secure.
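To make the "proxy" point concrete for the seminar, here is a small added example (not from the page or any course material) of the simplest kind of static-analysis proxy: a banned-API checker run over two constructed C snippets. Both snippets overflow the same 32-byte buffer on a long input, but only one uses an API on the checker's list, so the second scores "clean". The banned-API list and the scoring formula are assumptions chosen for illustration, not any particular tool's rules.

```python
"""Added example: a toy banned-API static checker and why its score is a
proxy for security rather than proof of it.  The two C samples below are
constructed for this example; they are not code from any real project."""
import re

# Constructed sample 1: the textbook unbounded copy the checker is built to catch.
SAMPLE_FLAGGED = """
void greet(char *name) {
    char buf[32];
    strcpy(buf, name);          /* no length check */
    printf("hello %s\\n", buf);
}
"""

# Constructed sample 2: uses a "bounded" API, but the bound is the source
# length, not the destination size, so a long name still overflows buf.
SAMPLE_MISSED = """
void greet(char *name) {
    char buf[32];
    memcpy(buf, name, strlen(name) + 1);
    printf("hello %s\\n", buf);
}
"""

# Assumed banned-API list: a common lint rule, chosen here for illustration.
DANGEROUS_CALLS = ("strcpy", "strcat", "gets", "sprintf")
CALL_RE = re.compile(r"\b(" + "|".join(DANGEROUS_CALLS) + r")\s*\(")


def find_dangerous_calls(source: str):
    """Return (line_number, function_name) for every banned-API call found."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for m in CALL_RE.finditer(line):
            hits.append((lineno, m.group(1)))
    return hits


def proxy_score(source: str) -> float:
    """Fraction of non-blank lines with no flagged call (1.0 = 'clean').
    This is the kind of number a vendor could report; it is a proxy only."""
    lines = [l for l in source.splitlines() if l.strip()]
    return 1.0 - len(find_dangerous_calls(source)) / len(lines)


def is_actually_overflowable(name_len: int, buf_size: int = 32) -> bool:
    """Ground truth shared by both samples: name plus its NUL exceeds buf."""
    return name_len + 1 > buf_size


if __name__ == "__main__":
    for label, src in (("flagged", SAMPLE_FLAGGED), ("missed", SAMPLE_MISSED)):
        print(label, find_dangerous_calls(src), round(proxy_score(src), 2),
              "overflows with a 40-byte name:", is_actually_overflowable(40))
```

The second sample scores a perfect 1.0 while being exactly as exploitable as the first, which is the gap any liability standard built on "passed the analysis tools" has to reckon with.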

Legal discussion

Led by Ben/lawyer in the room:

  • What is tort?
  • Does it apply to software? Why not?
  • What about in the future, as Ben said, as more devices go online?

Other tactics for improving software

  • Policy solution: Should the gov't or other body license software engineers? Would that improve software quality?
  • Market solution: Would creating an independent lab to evaluate software security help the consumer overcome the problem of "I want to buy secure software but I have no idea how to tell what software products are secure"? If ratings by a lab would get the consumer to buy the relatively more secure stuff, this would incentivize companies to provide it.

Readings and speakers (if we want them)

TBD

  • David Notkin might be convinced to explain problems with software security
  • possible literature from the Cylab, CMU, law review articles (need to investigate)
  • Schneier. Secrets and Lies, Digital Security in a Networked World
  • chapter on security in Aspray, IT and Public Policy
  • any notes/video from Ed L's IT/public policy class

How many days' worth of class is this? One for technical, one for legal, one for discussion? Perhaps on the third day we could assign people to think about how they would improve software security given what they learned about law and tech.