Harvard SEAS Logo

CS 252r: Advanced Topics in Programming Languages


  Course description
  Schedule
  Reading papers
  Research projects

CS 252r: Advanced Topics in Programming Languages

Prof. Stephen Chong
Spring 2012

Tuesdays and Thursdays, 1:00pm-2:30pm.
Location: MD 221.

Office hours: MD 145, by appointment, or whenever the door is open.

Course description

This course will focus on language-based information security: using programming language techniques and abstractions to specify, reason about, and enforce, information security. Most of the course will focus on information-flow control: controlling the flow of information within a system to enforce strong security guarantees.

The course will be a combination of lectures and paper discussion. We will focus primarily on recent papers, from the last 3-4 years.

For those taking the course for credit, evaluation will be based on class participation, and a final project. More information about the final project is available here. Auditors are welcome.

The course is intended for graduate students at all levels as well as advanced undergraduates. It is expected that students have taken a course in the foundations of programming languages, such as CS 152.

Schedule

Note 1: Schedule is subject to change. All readings are required except for those marked "Optional". Optional readings duplicate and/or extend material discussed in class.

Note 2: Some brief notes on how to read a research paper are available here.

Date Lec. Topic Readings Presenter
Tu 24-Jan 1 Introduction Steve Chong
slides.pdf
Th 26-Jan 2 Security policies for information flow Steve Chong
Tu 31-Jan 3 Dependency Core Calculus Aslan Askarov
Th 2-Feb 4 Confidentiality and integrity Aslan Askarov
Tu 7-Feb 5 Semantic security conditions beyond noninterference: Declassification and Erasure Steve Chong
Th 9-Feb 6 Provenance Andrew Johnson
Tu 14-Feb 7 Inferring security policies George Kulakowski
Th 16-Feb 8 Timing and termination channels Joe Tassarotti
Tu 21-Feb 9 Project proposals due
Quantitative information flow
Scott Moore
Th 23-Feb 10 Static enforcement/analysis Hannah Gommerstadt
Tu 28-Feb 11 Static enforcement/analysis George Kulakowski
Th 1-Mar 12 Static enforcement/analysis Devon Long
Tu 6-Mar 13 Dynamic/hybrid enforcement Carl Jackson
Th 8-Mar 14 Dynamic/hybrid enforcement Andrew Johnson

Spring Recess
 
Tu 20-Mar 15 Dynamic/hybrid enforcement Steve Chong
Th 22-Mar 16 Dynamic/hybrid enforcement Stefan Muller
Tu 27-Mar 17 Privacy Max Wang
Th 29-Mar 18 Privacy Aslan Askarov
Tu 3-Apr 19 Privacy George Kulakowski
Th 5-Apr 20 Language-based security for Android Hannah Gommerstadt/Devon Long
Tu 10-Apr 21 Software fault isolation Joe Tassarotti
Th 12-Apr 22 Software fault isolation Stefan Muller
Tu 17-Apr 23 Software fault isolation Max Wang
Th 19-Apr 24 Project presentations
  • George
  • Stefan
  • Scott
Tu 24-Apr 25 Project presentations
  • Carl and Max
  • Anna and Devon
  • Joe
Th 3-May Final project due