COMS E6998-9, INAF U6518-001, Law L8989.00: Cybersecurity: Technology, Policy and Law

Logistics

Professors: Steven M. Bellovin, Jason Healey, and Matthew Waxman

Time: Tuesday 4:10-6:00
Room 405 International Affairs Building

Office Hours:

Bellovin: see web site
Healey: Tuesday mornings, 10am to noon, appointments highly recommended
Waxman: TBD

Summary

This seminar will bring together professors and select students from three schools to discuss how different disciplines solve cybersecurity issues. Classes will cover the technical underpinnings of the Internet and computer security; the novel legal aspects from technology, crime and national security; and the various policy problems and solutions involved in this new field.

Surveillance
Cryptography
Cyber Conflict

Readings

See the readings assigned for each lecture.

Prerequisites

Permission of the instructor.

Some knowledge of programming is helpful but not required

Assignments

One main outcome of this class is to bring together students from each school to bring their perspectives to problems of global interest. Early in the semester, the professors will assign groups of six students, two from each school. Each group will be assigned one of the following areas; obviously, not all will be covered:

Technical, policy, and legal norms to reduce intensity of cyber conflict;
Technical, policy, and legal actions to balance security and privacy;
Technical, policy, and legal actions to secure smart cities;
Technical, policy, and legal actions to secure networked medical devices;
Technical, policy, and legal actions to reduce identity theft and credit-card fraud;
Technical, policy, and legal actions to secure financial transactions and institutions;
Technical, policy, and legal actions to find norms to reduce cyber espionage;
Technical, policy, and legal actions to secure the electrical grid;
Technical, policy, and legal considerations for vulnerability disclosure;
Technical, policy, and legal considerations for information operations.
Technical, policy, and legal actions to secure elections

There are two related assignments for this paper. First, each group is responsible for an initial scoping paper, of about 2000 words, on the issue, bringing the perspective and tools from the viewpoint of professionals from their field. So for example, on a team studying identity theft and credit-card fraud, the student from Computer Science would write on technologies for secure transactions; the Law student on criminal fraud statutes and issues of liability, and the SIPA student on relevant public policy solutions, such as aligning market incentives. This paper should include some thoughts on recommendations. For example, if there is expensive new technology to make the electrical grid more secure, should state Public Utility Commissions allow those companies to charge a higher rate to cover the costs?

Second, the group is collectively responsible for a final paper, of about 6000 words, bringing together all their research together into a polished product. This paper will be due the Tuesday after the final class.

During this process, the professors will connect the students to relevant professionals to be interviewed for these papers.

Other Items:

Please familiarize yourself with the proper methods of citation and attribution, for both traditional publications and legal writings, e.g., statutes and cases. There are various useful resources online; we strongly encourage you to familiarize yourself with these various styles before conducting your research.
Columbia University does not tolerate cheating and/or plagiarism in any form. Those students who violate the Code of Academic & Professional Conduct of their relevant school will be reported and subject to the appropriate disciplinary procedures.