[Note: The most recent updates (if any) are highlighted]
CS 5700 - Computer Security and Information Assurance — Spring 2012
Class Web Pages:
Syllabus - main page: index.htm
Detailed course outline (this page): outline.htm
Announcements and slides: announcements+slides.htm
The following list of lecture topics is based on the Table of Contents of the textbook: Security in Computing, Fourth Edition, by Pfleeger and Pfleeger, Prentice Hall, 2007, ISBN 0-13-239077-9.
I. We'll cover the following issues (numbers are Chapter numbers):
1. Is There a Security Problem in Computing?
What Does “Secure” Mean? Attacks. The Meaning of Computer Security. Computer Criminals. Methods of Defense.
2. Elementary Cryptography.
Terminology and Background. Substitution Ciphers. Transposition (Permutations). Making “Good” Encryption Algorithms. The Data Encryption Standard (DES). The AES Encryption Algorithm. Public Key Encryption. The Uses of Encryption.
Chapter 7 will be covered out-of-sequence to facilitate running lab exercises.
7. Security in Networks.
Note: Despite the short list of chapter topics, we'll spend about 30% of lecture time in this area.
Network Concepts. Threats in Networks. Network Security Controls. Firewalls. Intrusion Detection Systems. Secure E-Mail.
3. Program Security.
Secure Programs. Nonmalicious Program Errors. Viruses and Other Malicious Code. Targeted Malicious Code. Controls Against Program Threats.
If time permits: 4. Protection in General-Purpose Operating Systems.
Protected Objects and Methods of Protection. Memory and Address Protection. Control of Access to General Objects. File Protection Mechanisms. User Authentication. Summary of Security for Users.
If time permits: 6. Database and Data
Introduction to Databases. Security Requirements. Reliability and Integrity. Sensitive Data. Inference. Multilevel Databases. Proposals for Multilevel Security. Data Mining.
II. We'll cover only the major selected topics/issues from:
10. Privacy in Computing
Privacy Concepts. Privacy Principles and Policies. Authentication and Privacy. Data Mining. Privacy on the Web. E-mail Security. Impacts on Emerging Technologies.
11. Legal and Ethical Issues in Computer Security.
Protecting Programs and Data. Information and the Law. Rights of Employees and Employers. Redress for Software Failures. Computer Crime. Ethical Issues in Computer Security. Case Studies of Ethics.
III. We will not cover:
5. Designing Trusted Operating Systems.
What Is a Trusted System? Security Policies. Models of Security. Trusted Operating System Design. Assurance in Trusted Operating Systems.
8. Administering Security.
Security Planning. Risk Analysis. Organizational Security Policies. Physical Security.
9. The Economics of Cybersecurity
Making a Business Case. Quantifying Security. Modeling Cybersecurity.
12. Cryptography Explained
Mathematics for Cryptography. Symmetric Encryption. Public Key Encryption Systems. Quantum Cryptography.
© 2007-2012 by Leszek T. Lilien Last updated on 10 Jan. 2012