This course covers design and implementation of secure computer systems. The lectures cover attacks that compromise security as well as techniques for achieving security, based on recent research papers. Topics include operating system security, privilege separation, capabilities, language-based security, cryptographic network protocols, trusted hardware, and security in web applications and mobile phones. The labs involve implementing and compromising a web application that sandboxes arbitrary code, supporting TLS certificates, and adding two-factor authentication.

The course materials, which can be accessed via the external link to the left, are available for reuse under a Creative Commons Attribution 3.0 license.