Planned Syllabus

#datetopicreading1 and notes
1.Tue, Apr 1Introduction to computer security§1, §13
2.Thu, Apr 3Access control matrix, HRU result; Take-Grant§2, §3.1-3.3
3.Tue, Apr 8Take-Grant; SPM, expressive power§3.3-3.4
4.Thu, Apr 10Policies, Bell-LaPadula Model§4.1-4.4, 4.7; §5.1-5.3
5.Tue, Apr 15System Z; Integrity models§5.4, §6
6.Thu, Apr 17Chinese Wall Model, CISS, ORCON, RBAC§7
7.Tue, Apr 22Noninterference, Nondeducibility§8.1-8.3
8.Thu, Apr 24More Noninterference, Nondeducibility§8.4-8.5
9.Tue, Apr 29Cryptography: classical, public key, checksums§9
10.Thu, May 1Key management§10
11.Tue, May. 6Applying ciphers§11
12.Thu, May. 8Authentication and identity§12, §14
13.Tue, May 13Access control mechanisms§15
14.Thu, May 15Information flow§16
15.Tue, May 20Confinement, isolation, covert channels§17
16.Thu, May 23Assurance in systems§18, §19.1
17.Tue, May 27More assurance, evaluation of systems§19.2-19.3, §21
18.Thu, May 29Formal Methods§20
19.Tue, June 3Vulnerability analysis§23
20.Thu, June 5Auditing§24

This syllabus is tentative and subject to change as needed. If there is a topic you want to hear about and it is in the syllabus, please let me know. I won't promise to cover it, but I may ....


  1. Unless otherwise noted, all readings are from the text.

This is available in Postscript and PDF.