The lectures and readings listed here are subject to change, including in response to current events (i.e., major new security holes).

Sep 09
  • Text, Chapter 1
  • Thinking Security, Chapters 1-3
Sep 14
Access Control
  • Text, Chapter 2
  • The man page for Linux access control lists; run 'man 5 acl' on the CLIC machines
Sep 16
Complex Access Control
Sep 21
Sep 23
Introduction to Cryptography
Sep 28
Oct 07
Secure Programming I
Oct 12
Secure Programming II
Oct 14
Protecting the Client
Oct 19
Cryptographic Engineering
Oct 21
Viruses and Trojan Horses
Readings mentioned in class:
Oct 26
Oct 28
Security and Usability
Nov 04
No class
Nov 09
Nov 11
Nov 18
Program Structure II
Nov 23
Security Analysis I
Nov 25
Physical and Procedural Security
Nov 30
Security Analysis II
Dec 02
The Internet of Things
Dec 07
Dec 09
After an Attack
  • "The Taking of Clark", Chapter 17, Firewalls and Internet Security: Repelling the Wily Hacker, William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin, Second Edtion, Addison-Wesley, 2003.
  • "File System Analysis", Chapter 4, Forensic Discovery, Dan Farmer and Wietse Venema, Addison-Wesley 2004. Read Chapter 4.
  • Playing "Hide and Seek" with Stored Keys, Adi Shamir and Nicko van Someren, Proceedings of the Third International Conference on Financial Cryptography, 1999. (Recommended)
Dec 14
System Structure
  • Thinking Security, Chapter 17
Dec 23
Final Exam
    The exam is 1:10-4:00, in the usual room for the course.