|
# |
date |
topic |
reading1 and notes |
|---|---|---|---|
|
1. |
Mon, Jan 6 |
Introduction; what is computer security |
§1 |
|
2. |
Wed, Jan 8 |
Introduction (con't); principles of secure design |
§1, §13 |
|
3. |
Fri, Jan 10 |
Penetration analysis |
§23.1-23.2 |
|
|
Fri, Jan 10 |
Discussion: class project |
|
|
4. |
Mon, Jan 13 |
Vulnerability models |
§23.3-23.4 |
|
5. |
Wed, Jan 15 |
Security in programming |
§29 |
|
6. |
Fri, Jan 17 |
Robust programming |
§handout |
|
|
Fri, Jan 17 |
Discussion: security in programming |
|
|
|
Mon, Jan 20 |
no class (Martin Luther King Day) |
|
|
7. |
Wed, Jan 22 |
Access control matrix, HRU result |
§2, 3.1-3.2 |
|
8. |
Fri, Jan 24 |
Policies and policy languages |
§4.1-4.5 |
|
|
Fri, Jan 24 |
Discussion: none (virtual Monday) |
|
|
9. |
Mon, Jan 27 |
Confidentiality, Bell-LaPadula |
§30,5.1-5.2.2.2 |
|
10. |
Wed, Jan 29 |
Integrity: Biba, Clark-Wilson |
§6.1-6.2,6.4 |
|
11. |
Fri, Jan 31 |
Hybrids: Chinese Wall, ORCON, RBAC |
§7.1,7.3-7.4 |
|
|
Fri, Jan 31 |
Discussion: modular arithmetic, Euclidean algorithm |
§31 |
|
12. |
Mon, Feb. 3 |
Classical cryptography |
§9.1-9.2.4 |
|
13. |
Wed, Feb. 5 |
Public key cryptography, cryptographic hash functions |
§9.3-9.4 project design due |
|
14. |
Fri, Feb 7 |
Key management, certificates |
§10.1-10.2,10.4,10.6 |
|
|
Fri, Feb 7 |
Discussion: review for midterm |
|
|
15. |
Mon, Feb 10 |
Applications and examples of ciphers |
§11.1-11.3, 11.4.2 |
|
16. |
Wed, Feb 12 |
midterm |
|
|
17. |
Fri, Feb 14 |
Authentication and identity |
§12,14.1-14.4,14.6 |
|
|
Fri, Feb 14 |
Discussion: Review of midterm |
|
|
|
Mon, Feb 17 |
no class (Presidents' Day) |
|
|
18. |
Wed, Feb 19 |
Access control: ACLs, C-Lists, Locks and Keys |
§15.1-15.4 |
|
19. |
Fri, Feb 21 |
Confinement Problem: Sandbox, Virtual Machine |
§17.1-17.2 |
|
|
Fri, Feb 21 |
Discussion: to be arranged |
|
|
20. |
Mon, Feb 24 |
Basics of Assurance |
§18 |
|
21. |
Wed, Feb 26 |
Evaluation of systems |
§21.1-21.2,21.7,21.8 |
|
22. |
Fri, Feb 28 |
Malicious logic: Trojan horses, computer viruses |
§22.1-22.5 |
|
|
Fri, Feb 28 |
Discussion: Examples of computer viruses |
|
|
23. |
Mon, Mar 3 |
Malicious logic: defenses |
§22.7 |
|
24. |
Wed, Mar 5 |
Auditing |
§24.1-24.4 |
|
25. |
Fri, Mar 7 |
Intrusion detection |
§25.1-23.4,25.6 |
|
|
Fri, Mar 7 |
Discussion: to be arranged |
|
|
26. |
Mon, Mar 10 |
Network security |
§26 |
|
27. |
Wed, Mar 12 |
to be arranged |
|
|
28. |
Fri, Mar 14 |
to be arranged |
project due |
|
|
Wed, Mar 19 |
final exam, both sections |
1:30PM to 3:30PM |
This syllabus is tentative and subject to change as needed. If there is a topic you want to hear about and it is in the syllabus, please let me know. I won't promise to cover it, but I may ....
1. Unless otherwise noted, all readings are from the text.