Logistics

Professor
Prof. Steven M. Bellovin
Time
Tuesday Thursday 13:10–14:25
Room
Mudd 524
Office Hours
See my home page.

Summary

Computer Security II is an advanced course on computer and network security. It is intended for security specialists, people who design and assess security systems.

IAs

Ben Allison
benjamin.allison@columbia…: Friday 4:00–5:00, CS Lounge
Nikhil Mehta
nikhil.mehta@columbia…: Monday 1:30–2:30, Butler Library Cafe
Changes will be announced on Edstem.

Readings

Textbook
Thinking Security: Stopping Next Year's Hackers, Steven M. Bellovin, Addison-Wesley, 2016, ISBN 0-13-427754-6, 0-13-427754-6. NOTE WELL: the book is currently only available as an ebook. It is not available on Amazon; while you can buy the ebook from other online bookstores, if you use the publisher's site link you get two different formats: an an .epub (for Nooks, Apple's iBooks, and many other readers) and a .pdf. These are watermarked to the purchaser but there is no DRM locking it to any single device.
Optional (and free!) text
Security Engineering, Second Edition, Ross J. Anderson, Wiley, 2008, ISBN-13: 978-0470068526, ISBN-10: 0470068523.
Other readings
Some readings will be from primary source materials.
Readings are listed for each lecture.

Prerequisites

Computer Security I or the permission of the instructor.

Assignments

Late assignments are subject to increasing penalties. There are no grace days or "free lates". See the slides from the first class for details.

Grading

There will be four or five homework assignments, a midterm, and a final. The (cumulative) final exam will be on the date assigned by the registrar; currently, that is Tuesday, May 9, 1:10–4:00.

All exams are open book. This means that there won't be any "define Foo" questions. Most questions will ask you to think and to integrate material from different lectures—and having the textbook open probably won't help...

Final grades are curved.