The lectures and readings listed here are subject to change, including in response to current events (i.e., major new security holes).
Sep 03
  • Text, Chapter 1
  • Thinking Security, Chapters 1-3
Sep 08
Access Control
  • Text, Chapter 2
  • The man page for Linux access control lists; run 'man 5 acl' on the CLIC machines
Sep 10
Complex Access Control
Sep 15
Sep 17
Introduction to Cryptography
Sep 22
Oct 01
Secure Programming I
Oct 06
Secure Programming II
Oct 08
Protecting the Client
Oct 13
Cryptographic Engineering
Oct 15
Viruses and Trojan Horses
Readings mentioned in class:
Oct 20
Security and Usability
Oct 22
Oct 27
Physical and Procedural Security
Oct 29
Nov 05
Nov 12
Program Structure II
Nov 17
Security Analysis I
Nov 19
Security Analysis II
Nov 24
The Internet of Things
Dec 01
Dec 03
After an Attack
  • "The Taking of Clark", Chapter 17, Firewalls and Internet Security: Repelling the Wily Hacker, William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin, Second Edtion, Addison-Wesley, 2003.
  • "File System Analysis", Chapter 4, Forensic Discovery, Dan Farmer and Wietse Venema, Addison-Wesley 2004. Read Chapter 4.
  • Playing "Hide and Seek" with Stored Keys, Adi Shamir and Nicko van Someren, Proceedings of the Third International Conference on Financial Cryptography, 1999. (Recommended)
Dec 17
Final Exam
    The exam is 1:10-4:00, in the usual room for the course.