Computer security concepts and mechanisms; measures employed in countering such threats. Concepts and tools available in order to assume an appropriate security posture. Foundations of security. Identification, authentication, authorization. Software design for security and assurance. Hardware assists. Security architecture; design for security. Security tradeoffs.
|
|
Readings
The textbook is The Craft of System Security, Sean Smith and John Marchesini, Addison-Wesley, 2007, ISBN 0-321-43483-8. Some readings will be from primary sources.Office Hours
Hang Zhao, 604 CEPSR, Tue 03:00-05:00PMPrerequisites
You must be able to program in C or C++. If you can't, you should seriously consider dropping this class.You should have a decent knowledge of computer architecture. Operating Systems (W4118) and Introduction to Cryptography (W4261) are helpful but not required. (Note: the official bulletin says that W4118 is a prerequisite. Ignore that...)
Homework Policy
There will be four or five homework assignments, each consisting of a written part (30%) and a programming part (70%). Three or four of the homeworks will be part of a single, large project.Unless otherwise instructed, all homeworks must be written in C or C++. Java is not acceptable; don't bother asking.
Late assignments are subject to increasing penalties. There are no grace days or "free lates". See the slides from the first class for details.
Grading
| Homeworks | 50% |
| Midterm | 20% |
| Final | 30% |
All exams are open book. This means that there won't be any "define Foo" questions. Most questions will ask you to think and to integrate material from different lectures.
Final grades are curved.