COMP0133 Distributed Systems and Security

This database contains the 2018-19 versions of syllabuses. These are still being finalised and changes may occur before the start of the session.

Syllabuses from the 2017-18 session are available here.

Academic session

2018-19

Module

Distributed Systems and Security

Code

COMP0133

Module delivery

1819/A7P/T1/COMP0133 Postgraduate

Related deliveries

1819/A7U/T1/COMP0133 Masters (MEng)

Prior deliveries

COMPGZ03

Level

Postgraduate

FHEQ Level

L7

FHEQ credits

15

Term/s

Term 1

Module leader

Karp, Brad

Contributors

Karp, Brad

Module administrator

Nolan, Martin

Aims

The first half of the module explores the design and implementation of distributed systems in case-study fashion: students read classic and recent research papers describing ambitious distributed systems. In lecture, students critically discuss the principles that cause these systems to function correctly, the extent to which these systems solve the problem articulated by the authors and the extent to which the problem and solution chosen by the authors are relevant in practice. The second half of the module explores computer system security, again, largely in case-study fashion.

Correctness under concurrency is a central challenge in distributed systems and one that can only fully be understood through experience of building such systems (and encountering subtle bugs n them). To give students experience of this sort, the module includes one significant programming coursework in C, in which the students implement a simple distributed system that must provide an ordering guarantee. Further written coursework helps students solidify their understanding of the security material in the class.

Learning outcomes

On successful completion of the module, a student will be able to:

  1. articulate and apply classic design principles for distributed filesystems, agreement protocols, distributed two-phase locking, distributed shared memory, logical clocks, and consistency protocols under weak connectivity;
  2. articulate and apply classic design principles for cryptographic protocols, authentication systems, logic applied to reasoning about certificate-based authentication, defense against exploits, isolation of untrusted code, and least-privilege software design;
  3. be able to read and grasp research literature in the distributed systems and security areas independently;
  4. critique research-grade designs and evaluations of distributed and secure computer systems.

Availability and prerequisites

This module delivery is available for selection on the below-listed programmes. The relevant programme structure will specify whether the module is core, optional, or elective.

In order to be eligible to select this module as optional or elective, where available, students must meet all prerequisite conditions to the satisfaction of the module leader. Places for students taking the module as optional or elective are limited and will be allocated according to the department’s module selection policy.

Programmes on which available:

  • MSc Financial Systems Engineering
  • MSc Information Security
  • MSc Information Security (Part time) (Year 1)
  • MSc Information Security (Part time) (Year 2)
  • MSc Software Systems Engineering

Prerequisites:

To be eligible to select this module, students must:

  • already have taken and passed either Computer Systems (COMP0019) or a module of equivalent depth and rigour (subject to instructor’s review and approval); and
  • already have a strong background in programming in C (including dynamic memory allocation and the use of pointers), an in-depth understanding of operating systems constructs and principles (such as virtual memory and system call implementation), and strong proficiency in reading and understanding assembly code.

Content

  • Course introduction
  • OS concepts
  • Design: Worse is Better
  • Concurrent I/O
  • RPC & Transparency
  • Ivy: Distributed Shared Memory
  • Bayou: Weak Connectivity and Update Conflicts
  • GFS: The Google File System
  • OS I/O Performance: Receive Livelock
  • Introduction to Security
  • User Authentification
  • Cryptographic Primitives
  • Secure Sockets Layer/Transport Layer Security (SSL/TLS)
  • Reasoning Formally about Authentication: TAOS
  • Software Vulnerabilities and Expoits
  • Preventing Exploits
  • Containing Buggy Code: Software-based Fault Isolation (SFI)
  • OKWS: Approximating Least Privilege in a Real-World Web Server

An indicative reading list is available at http://readinglists.ucl.ac.uk/departments/comps_eng.html.

Delivery

The module is delivered through a combination of lectures and case studies of real distributed and secure computer systems based on classic and recent research papers. Students read 15-20 research papers independently in the course of the module. They are responsible for understanding and being able to apply the content of the entirety of these papers. Lectures focus on discussion of key points from the papers and critical discussion of the merits and weaknesses of the work described in the papers (but necessarily do not touch upon every detail of every paper).

Assessment

This module is assessed as follows:

#

Title

Weight (%)

Notes

1

Written examination (2 hrs 30 mins)

70

 

2

Coursework 1

15

 

3

Coursework 2

15

 

In order to pass this module, students must achieve an overall weighted module mark of 50%.