CSSE 442 - Computer Security Winter Quarter 2019-2020 Rose-Hulman Institute of Technology Instructor: Sid Stamm Office Phone: 812-877-8364 Office Address: Moench F216 E-mail: stammsl@rose-hulman.edu Web: http://www.rose-hulman.edu/class/csse/csse442/ Textbook: Foundations of Security (Daswani, Kern & Kesavan) -------------------------------------------------------------------------------- Course Description: This course introduces theoretical, practical, and social issues in information security in computing systems. Ethics, risk/reward decision making and social aspects are recurring themes of the course. Foundational topics include: formal security models, security of design and software lifecycle, real-world trade-offs, and implementation of confidentiality, integrity and availability. Network, application and web security contexts are explored and discussed in a closed testing environment to motivate and inform exploration of computer system attack and defense techniques. Students who successfully complete this course will be able to: 1. Given a set of threats, identify or design a security policy and mechanism in terms of confidentiality, integrity, and availability that will counter the threats. 2. Given a description of a system, identify and quantify threats including disclosure, deception, disruption, and usurpation. 3. Explain principles that guide the design of secure software. 4. Discuss current events, practices, vulnerability reports, and tools relevant to computer security. 5. Analyze and explain the effect malicious software could have on software or a computing system. 6. Explain the roles of cost-benefit analysis, risk analysis, laws and customs, organizational issues, and personnel issues in choosing appropriate security policies and mechanisms. Course Requirements: To earn a passing grade, you must complete homework, in-class quizzes, two in-class exams, in-class labs, participate in Class activities, and complete a small-group research project including presentation. Grading: In estimating your grade, weight the work as follows: 20% Homework and Quizzes 25% In-class exams 20% Labs 20% Group Project 15% In-class Discussion In general, 90-100% is an A, 80-89% is a B, 70-79% is a C, 60-69% is a D. The above weights and percentages are a guideline that we typically follow. Please understand that it is not a promise. We will do our best to conform to the institute-wide grading policy described in the Grade Descriptions section of the registrar's web page. https://www.rose-hulman.edu/campus-life/student-services/registrar/rules-and-procedures/grades.html Attendance Policy Regular attendance is expected. Good Citizenship In this class you may learn things to protect but also to exploit flaws systems for educational purposes. You are expected to act ethically and only use these skills on systems when authorized by the owners of those systems. This course in no way protects or exempts you from following policies and laws. Don't be a jerk or a criminal. If at any time you are uncertain if something is allowed: stop, think, and ask. Academic Integrity Collaboration is required on certain graded events (team presentations), prohibited on others (individual quizzes, homework and exams), and encouraged on the remainder. Copying is not collaboration. Working out a solution as a group is acceptable collaboration. Each individual is responsible for understanding the entire solution. For homework, this means that once a group solution has been achieved, each collaborator must rework the problem and write up the solution independently. You must properly credit your collaborators and clearly indicate the extent of the collaboration, except where it is obvious (e.g. team quizzes in which all team members participated roughly equally). Failure to acknowledge collaboration can be considered cheating. You are welcome to talk to the instructor if you have any questions regarding our expectations. Late Assignments Homework and quizzes must be submitted on time to receive credit for them. Concerns about anything? Got a problem and can't get your assigments done on time? Come talk to me and we'll work something out!