Logistics

Professor
Prof. Steven M. Bellovin
Time
Tuesday Thursday 13:10–14:25
Room
833 Mudd
Office Hours
See my home page.

Summary

Computer Security II is an advanced course on computer and network security. It is intended for security specialists, people who design and assess security systems.

IAs

TBD

Readings

Textbook
Thinking Security: Stopping Next Year's Hackers, Steven M. Bellovin, Addison-Wesley, 2016, ISBN 0-13-427754-6, 0-13-427754-6. NOTE WELL: the book is currently only available as an ebook. It is not available on Amazon; while you can buy the ebook from other online bookstores, if you use the publisher's site link you get three different formats: a .mobi (which you can load onto a Kindle), an .epub (for Nooks, Apple's iBooks, and many other readers), and a .pdf. All of these are watermarked to the purchaser but there is no DRM locking it to any single device.
Optional (and free!) text
Security Engineering, Second Edition, Ross J. Anderson, Wiley, 2008, ISBN-13: 978-0470068526, ISBN-10: 0470068523.
Other readings
Some readings will be from primary source materials.
Readings are listed for each lecture.

Prerequisites

Computer Security I or the permission of the instructor.

Assignments

Late assignments are subject to increasing penalties. There are no grace days or "free lates". See the slides from the first class for details.

Grading

There will be four or five homework assignments, a midterm, and a final. The final exam may be during the semester, if the registrar does not assign a slot for it.

All exams are open book. This means that there won't be any "define Foo" questions. Most questions will ask you to think and to integrate material from different lectures—and having the textbook open probably won't help...

Final grades are curved.