Professors: Steven M. Bellovin, Jason Healey, and Matthew Waxman

Time: Tuesday 4:10-6:00
Room 405 International Affairs Building

Office Hours:


This seminar will bring together professors and select students from three schools to discuss how different disciplines solve cybersecurity issues. Classes will cover the technical underpinnings of the Internet and computer security; the novel legal aspects from technology, crime and national security; and the various policy problems and solutions involved in this new field.

  • Surveillance
  • Cryptography
  • Cyber Conflict


See the readings assigned for each lecture.


Permission of the instructor.

Some knowledge of programming is helpful but not required


One main outcome of this class is to bring together students from each school to bring their perspectives to problems of global interest. Early in the semester, the professors will assign groups of six students, two from each school. Each group will be assigned one of the following areas; obviously, not all will be covered:
  1. Technical, policy, and legal norms to reduce intensity of cyber conflict;
  2. Technical, policy, and legal actions to balance security and privacy;
  3. Technical, policy, and legal actions to secure smart cities;
  4. Technical, policy, and legal actions to secure networked medical devices;
  5. Technical, policy, and legal actions to reduce identity theft and credit-card fraud;
  6. Technical, policy, and legal actions to secure financial transactions and institutions;
  7. Technical, policy, and legal actions to find norms to reduce cyber espionage;
  8. Technical, policy, and legal actions to secure the electrical grid;
  9. Technical, policy, and legal considerations for vulnerability disclosure;
  10. Technical, policy, and legal considerations for information operations.
  11. Technical, policy, and legal actions to secure elections
There are two related assignments for this paper. First, each group is responsible for an initial scoping paper, of about 2000 words, on the issue, bringing the perspective and tools from the viewpoint of professionals from their field. So for example, on a team studying identity theft and credit-card fraud, the student from Computer Science would write on technologies for secure transactions; the Law student on criminal fraud statutes and issues of liability, and the SIPA student on relevant public policy solutions, such as aligning market incentives. This paper should include some thoughts on recommendations. For example, if there is expensive new technology to make the electrical grid more secure, should state Public Utility Commissions allow those companies to charge a higher rate to cover the costs?

Second, the group is collectively responsible for a final paper, of about 6000 words, bringing together all their research together into a polished product. This paper will be due the Tuesday after the final class.

During this process, the professors will connect the students to relevant professionals to be interviewed for these papers.

Other Items:


  • 15%: Initial scoping and recommendations (group paper)
  • 35%: Final submission
Two short papers on specific issues to be determined during the semester. One paper will focus each on a cybersecurity technology issues, a policy issue, and a legal issue.
Class participation