Learning Objective:Learns the basic concepts of applied cryptography and security. Learn the basic tools for security. Learn a number of security problems that exist in software, operating systems, web applications, and network communications; the causes of these problems; approaches to mitigate them; and the pros and cons of these approaches. Learn how to analyze and improve the security when designing a system.
Basic notions of confidentiality, integrity, availability; authentication models; protection models; security kernels; secure programming; audit; intrusion detection and response; operational security issues; physical security issues; personnel security; policy formation and enforcement; access controls; information flow; legal and social issues; identification and authentication in local and distributed systems; classification and trust modeling; and risk assessment.
Topics Covered:Introduction, Formalisms, Policy, Basic Cryptography, OS Security, System Design, Network Security, Intrusion Detection and Response, Physical and Personnel Security, Operational Security, Legal and Societal Issues.
Prerequisites:A bachelor degree in computer science or an equivalent field. Students not in the Computer Science master's program should seek department permission to register.
Applied / Theory:60 / 40
Homework:There will be between 6 and 8 assignments (each is either a written homework, a programming project, or a review of a paper from the research literature)
Projects:Required: There will three programming projects. The first one is likely to be simulating an encrypted file system. The second one involves exploiting software vulnerabilities. The third one involves exploiting and fixing web application security problems.
Exams:There will be a 120-minute midterm exam and a 120-minute final exam, which covers the whole course.
Textbooks:Official textbook information is now listed in the Schedule of Classes. NOTE: Textbook information is subject to be changed at any time at the discretion of the faculty member. If you have questions or concerns please contact the academic department.
No course materials are required for this section.