Tentative Syllabus

#datetopicreading 1 and notes
1.Fri, Sep 26Introduction; what is computer security §1
2.Mon, Sep 29Principles of secure design§13
3.Wed, Oct 1Robust programminghandout
 Wed, Oct 1Discussion: class project, robust programming 
4.Fri, Oct 3Access control matrix, HRU result§2, 3.1-3.2
5.Mon, Oct 6Security policies§4.1-4.4, 4.6
6.Wed, Oct 8Confidentiality models: Bell-LaPadula Model§5.1,5.2.1-5.2.2
 Wed, Oct 8Discussion: to be arranged§30
7.Fri, Oct 10Integrity models: Biba strict integrity, Clark-Wilson§6.1,6.2.3,6.4
8.Mon, Oct 13Basic cryptography: classical§9.1-9.2
9.Wed, Oct 15Basic cryptography: public key§9.3
 Wed, Oct 15Discussion: modular arithmetic, Euclidean algorithm§31
10.Fri, Oct 17Basic cryptography: cryptographic hashes§9.4
11.Mon, Oct 20Key distribution§10.1-10.2
12.Wed, Oct 22Certificates and PKI, digital signatures§10.4,10.6
 Wed, Oct 22Discussion: Entropy, uncertainty§32
13.Fri, Oct. 24Cryptography and networks§11.1,11.3-11.4
14.Mon, Oct. 27Authentication: passwords§12.1-12.2
15.Wed, Oct 29Authentication: other methods§12.3-12.6
 Wed, Oct 29Discussion: review for midterm 
16.Fri, Oct 31Identity: users, groups, roles§14.1-14.4
17.Mon, Nov 3midterm 
18.Wed, Nov 5Identity: names, anonymity§14.5-14.6
 Wed, Nov 5Discussion: Passwords, salts§12.2
19.Fri, Nov 7Access control mechanisms: ACL, C-List§15.1-15.2
20.Mon, Nov 10Access control mechanisms: others§15.3-15.5
21.Wed, Nov 12Information flow: compiler-based mechanisms§16.1,16.3
 Wed, Nov 12Discussion: review of midterm 
22.Fri, Nov 14Information flow: execution-based mechanisms§16.4-16.5
23.Mon, Nov 17Assurance: introduction and basic concepts§18
24.Wed, Nov 19Formal evaluation of systems: TCSEC, CC§21.2, 21.8
 Wed, Nov 19Discussion: Review of robust programming 
25.Fri, Nov 21Malicious logic: taxonomy§22.1-22.5
26.Mon, Nov 24Malicious logic: defenses§22.7
27.Wed, Nov 26Penetration studies, Flaw Hypothesis Methodology§23.1-23.2
 Wed, Nov 26Discussion: to be arranged 
 Fri, Nov 28no class (Thanksgiving Holiday) 
28.Mon, Dec 1Vulnerability taxonomies§23.3-23.4
29.Wed, Dec 3Auditing systems§24
 Wed, Dec 3Discussion: review for final 
30.Fri, Dec 5to be arranged 
 Tue, Dec 9final exam4:00PM to 6:00PM

1. Unless otherwise noted, all readings are from the text.

Here is a PDF version of this document.