Instructor:
|
Teaching Assistant:
|
Meetings:
|
Text:
| |
Computer Security: Art and Science,
Matt Bishop, Addison-Wesley, 2003.
|
|
Prerequisites:
| |
CSSE 332
MA 275
|
Operating Systems
Discrete Mathematics I
|
|
|
Course Description:
This course introduces ethical, theoretical, and practical issues of information security in computing systems.
Implications of relevant professional codes of ethics are a recurring theme of the course.
Foundational topics include access control matrices and standard system models, as well as policies for security,
confidentiality, and integrity.
Implementation issues include key management, cipher techniques, authentication, principles of secure design, representation of identity,
access control mechanisms, information flow, life cycle issues, and formal evaluation and certification techniques.
Additional topics include malicious logic, vulnerability analysis, and auditing.
Computer network attack techniques are discussed and explored in a closed environment to motivate and inform discussion and
exploration of computer network defense techniques.
Students who complete this course should be able to:
- Apply ethical theory to cyberethics issues.
- Apply the Access Control Matrix model to represent protection systems.
- Explain the principles that guide the design of authentication mechanisms.
- Apply rudimentary mathematical, statistical, and protocol-based cryptosystem attacks.
- Analyze and apply basic techniques and protocols for cryptographic key management, cryptographic key exchange, public key interchange, and digital signature
- Analyze and apply cryptographic protocols in practical environments;
- Explain the eight basic design principles for security mechanisms;
- Apply basic access control mechanisms
- Analyze information flows in a system to determine whether or not they conform to policy.
- Discuss current events, practices, and tools relevant to computer security.
|