Introduction to Security -- Fall '05

COMS W4995.002
Mon/Wed 02:40 PM-03:55 PM
1127 Mudd
Courseworks page

Introduction to computer and network security concepts and mechanisms; measures employed in countering such threats. Concepts and tools available in order to assume an appropriate security posture. Foundations of security. Identification, authentication, authorization. Software design for security and assurance. Hardware assists. Introduction to cryptography and cryptographic protocols (Kerberos, SSL). Firewalls.

Tentative Syllabus

There will be a midterm, a final, and approximately 5 homework assignments.


Matt Bishop
Introduction to Computer Security
ISBN: 0-321-24744-2


Peter Lin
Office hours: 4-6pm Thursday, Mudd 122A.

Pinxing Ye
Office hours: 11-1pm Tuesday, Mudd 122A.


Sep 7
Introduction; Administrivia
Sep 12
Access control
Sep 14
Complex access control

Homework due Sep 28.
Grade histogram.

Sep 19
Sep 21
Sep 26
Biometrics; Authentication as a Systems Problem
Sep 28
Cryptography; Cryptographic Engineering 1
Oct 3
Public key cryptography; hash functions
Oct 5
Key management and handling; random numbers

Homework 2, due October 19
Grade histogram.

Oct 10
Secure programming
Oct 12
Secure programming
October 17
Protecting the Client

Homework 3, due November 2

October 19
Midterm Review  
October 24

Grade histogram.
October 27
Midterm Post-mortem; Architecture  
October 31
November 2
The Confinement Problem
November 9
Viruses and Trojan Horses
November 14
Program Structure
Please see the 4.3BSD FTP daemon source.

Homework 4, due November 30. (Note: Homework 5, which will be due on December 9, will be assigned on November 28. I wanted to avoid having this assignment due immediately after Thanksgiving.)

I've gotten a number of questions about how to use the encryption functions I mentioned. I wrote a sample program to demonstrate it; it's at This is not code that you should use, in the sense that it does too much (printing too much, especially for errors where the man page is wrong) and too little (not doing anything useful with the output, not handling block sizes that aren't a multiple of 8, not seeding the random number generator). But it does show the basics of how to use the CBC encryption function.

November 16
Protecting an E-Commerce Site
November 21
Logging and Auditing
November 23
War Stories
November 28

Homework 5, due December 9

November 30
December 5
Forensics (guest lecturer: Wietse Venema)
December 7
Reading: see above...
December 12
Final exam.
Grade histogram.  

Submitting Homework

All homework assignments must be submitted as a single "tar" file. The filename MUST be of the form UNI.#.tar or UNI.#.tgz, where "UNI" is your UNI and "#" is the number of the homework assignment. Thus, my filename for the first homework assignment would be "smb2132.1.tar". Use .tgz if you've gzip'd the file -- I doubt that that's necessary, but if you're on a slow link you may wish to do that.

Submit the assignments by sending them to my dropbox via the Courseworks "Class Files" mechanism.

All assignments must run on the CLIC machines. See for details. You'll need a CS account to do that; if you don't already have one, see

The tar file MUST unpack to create a single top-level directory whose name is again "UNI.#". Your programs and documents are in that directory; any subdirectories you create are up to you.

There must be a Makefile, a README, plus any program and test data. The Makefile must have targets "build" (which has to be the default), "test" (which runs the program with your test data), "exec" (which will be used to run the program with our test data), and "clean". Any command-line arguments (which must be documented) are supplied by saying ARG="..." on the "make" command. If you have more than one test set, "make test" must invoke them all. "make clean" should delete any .o files, executables, core dumps, test output, etc. Run "make clean" before submitting the assignment.

A sample homework assignment is in