General information on the place and time where the seminar takes place can be found in the Vorlesungsverzeichnis. Beware that the Vorlesungsverzeichnis does not allow timely updates of information and may be out of date. The organizer of this seminar is Prof. Volker Roth and the Secure Identity Research Group.
The goal of this seminar is to understand the field of language-based security with a particular focus on information flow control. Whenever feasible and reasonable, we will attempt to put the acquired knowledge into practice, e.g., by implementing information flow control techniques for a small compiler or interpreter.
Information flow control is an exciting field of research that dates back to the 1970's but is revived recently because it addresses the threat of Trojan Horse software. Trojan Horse software is a growing concern in the Web and on mobile devices as many applications surreptitiously exfiltrate users' personal information for the purpose of espionage or targeted advertising.
Compiler-building knowledge and knowledge about type systems will be helpful for this seminar.
We begin by reading introductory material and then assign subtopics to the seminar participants. Each participant is responsible for writing a chapter of a joint document that summarizes the findings of the seminar participant. It is expected that participants perform literature research in order to find work that is relevant to their topics. Instead of working individually, participants may form pairs working jointly.
In order to facilitate collaboration, I established a Git repository for the joint report and accompanying material. In order to facilitate communication and discussion we will establish a mailing list. I give the URL of the Git repository below:
The grading of active participation will be based on participation and active contribution to the seminar in the form of presentations and helpful suggestions given to other seminar participants. The grade will be based on the quality of the mid-term draft, their final draft and their presentation.
Below are the starting points for reading and for literature research. Note that all participants are required to perform literature research on top of the literature given below. For some nice examples and background on slide, see here.
Basics and surveys
Arrays and error reporting
Send/receive
Multi-threading
Exceptions
Declassification
Dynamic data structures
Timing-awareness