USC Computer Science 530 (CSci 530): Security Systems - Fall 2006
Lecture Friday - 9:00 to 11:45 AM, OHE 122
Clifford Neuman
Lab Instruction on Fridays - 3:30 - 4:20 PM
Time for hands on lab activities to be selected
by students from among several alternative times.
Note: There is also a lab session lisetd in the schedule of
classes for 6:00-6:50 PM.
This second lab section is there only
for use by students that will view the lab instruction
remotely
through DEN, and whose schedules conflict with the 3:30
PM scheduled lab section.
Announcements
- Final Exam Monday December 11, 11AM in SGM 124.
- Dr. Neuman will hold office hours Wednesday 12/6 from 1:00 to 2:30
PM. There will not be office hours on Friday 12/8.
Course content
- Discussion boards and webcases of lectures avalable by logging in
to DEN
- Links to supplementary readins in the Syllabus below.
- Links to lecture sides will be posted by the night before lecture and
linked from the Syllabus.
- Information on Lab Instruction
Assignments
Course Summary
This class will provide students an overview of systems security, its
workings, and its role in protecting data and computing resources. The
course begins with a discussion of the fundamental problem and tools
in protecting a computing system, and proceeds through the various
security services that apply to these systems. By the end of the
course, at the highest level, students will be able to:
- Discuss the technical, business, societal, and ethical aspects of probems in
computer security.
- Describe and assess a broad range of security systems deployed or
suggested for solving those problems.
- Understand the fundamental mathematics and engineering underlying security systems.
- Judge the suitability of security systems for particular applications.
- Know how to develop new security systems and features.
Pre-Requisites
- The student should have already taken CS 402 or passed the
department's operating system diagnostic exam.
Textbooks
- Bishop, Computer Security: Art and Science, Addison-Wesley
Professional, 1st Edition. ISBN 0201440997
(required - it is available from
the USC Book Store, or online from many sources.)
Other readings
Other readings will be assigned with links to online version provided
from the syllabus on this page. Where the online papers are available
through the ACM or IEEE digital libraries, you may retrieve them using
USC's subscription if you connect from a USC internet address. When
accessing these papers from home, you may need to use USC's VPN to
obtain a USC Internet address that allows retrieval of the documents.
For more information on VPN access visit the USC ITS VPN page.
Schedule
- First Lecture - Friday August 25th, 2006 9:00 AM - 11:45 AM.
- Mid-term exam - Friday October 13 9:00AM
- 10:40 AM, with short lecture following 10:55-11:45
- Final Exam - Monday December 11th, 2006 11:00AM - 1:00 PM.
Instructors and Assistants
Clifford Neuman
- Office: Information Sciences Institute - 310-448-8736
- Office hours: 12:50 - 1:50 PM on Fridays - SAL-212 - 213-821-4221
or by appointment
- Email: csci530 at usc.edu (to Instructor and TAs)
- Email: csci530f06 at clifford.neuman.name (to just instructor)
Joseph Greenfield (Lab Instructor)
- Email: csci530l at usc.edu (to lab instructor and all lab assistants)
- Email: Joseph.Greenfield at usc.edu (to just the lab instructor)
- Lab assistants:
- Nakul Datar - (ndatar at usc.edu)
- Matt Haughom - (mhaughom at usc.edu)
- Richard Rivetti - (rivetti at usc.edu)
Deepak Dayama -- (Teaching Assistant)
- Office: Salvatori (SAL) 229 - 213-740-4521
- Office hours: Monday 10AM-11AM, Wednesday 12:30PM-1:30PM
or by appointment
- Email: csci530 at usc.edu (to Instructor and TAs)
- Email: dayama at usc.edu (just to Deepak Dayama)
Exams from Prior years
The following are copies of the exams from prior years which
may be used to help prepare for this years mid-term and final.
Course Grade Components
The course grade will be based on 3 short homework assignments (15
percent total), several hands on laboratory experiments (pass/fail -
less 15% of grade if you skip them), a midterm exam (25 percent), a
written paper or project (30 percent), and a final exam (30 percent).
The final exam is cumulative, meaining it will cover all of course
material, although there will be an emphasis on the second half of the
course (after the midterm). Some questions on the mid-term and final
will be written to test your understanding of the material covered in
the lab session. Up to a 10% bonus will be applied for significant
class participation.
The paper assignment will ask for an 8-12 page paper discussing in
detail the implementation and implications of either an existing
security system, or one proposed by the student. Other paper topics or
projects may be approved by the instructor. The paper or project must
constitute work completed for CSci530, although topics may be chosen
so that the paper or project forms the basis of future work by the
student. Papers or projects are to be the individual work of the
student. The tentative due date for the paper will be the last
lecture for the class. Paper proposals will be due some time in the
first half of October.
As they are graded and returned, letter grades will be assigned for
each component of the course grade. The final course grade will be
calculated twice, once as a weighted average of the individual
component grades, and then with an extra 10% weight calculated as an
"A+" for class participation. You actual course grade will fall
somewhere between these two numbers, depending on your actual
participation in class, lab, and in the online discussion forums. It
will be to your advantage to make useful contribute to discussion in
the online forum, as that is the record of class participation that is
most readily reviewed by me at the end of the semester.
Academic Integrity
As an instructor I take academic integrity seriously. Cases of
academic misconduct will result in the assignment of a failing grade
for the class and referal of the matter to the student conduct office.
In each of the past several years I have turned in multiple students
for cheating and assigned failing grades. Information on what
constitutes academic dishonesty can be found on the CSci530 academic integrity page, and by
following links to university resources found on that page.
Class Topics
The following is a preliminary syllabus for the course. This will be
refined after initial assessment of the interests of the class. Most
topics will take several lectures to cover. In addition to the
primary discussion for each lecture, 15 minutes of each lecture will
be set aside for discussion of current events in the computer security
arena.
Readings are on topics related to the lecture, but lectures are not
from the book. Students are expected to have have completed the
assigned readings prior to lecture so that they have backround
appropriate for class discussion.
- The Security Problem (August 25, 2005)
- A working definition of security
- Evaluating security
- Systems security vs network security vs data security
- Societal aspects of security, ethical and legal foundations
- Readings: Bishop, Chapter 1, An Overview of Computer Security
- Lectures: 1 (August 25)
- Lab: Lab lecture only - logistics and introduction - no lab
assignment for following week.
- Cryptography - An Overview (September 1) (Guest Lecture by
William Cheng)
- Secret key cryptography
- Public key cryptography
- Hashes and message digests
- Steganography
- Readings: Bishop, Chapter 9, Basic Cryprography. and Chapter 11
(only through section through 11.2), Cipher Techniques
- Readings: Garfinkel (Is Encryption Doomed)
- Lectures: 2 (September
1)
- Key management (September 8, 2006)
- Authentication and Identity Management (September 15th, September 22nd)
- Authorization and Policy (September 29, October 6)
- Mid-term exam (October 13)
- The mid-term examination will be held during a regularly scheduled
course meeting time, during the first 100 minutes of lecture.
- The mid-term exam will be followed by a short lecture
on the start of Malicious code.
- Untrusted Computing - e.g. Malicious Code (October 20)
- Viruses
- Worms
- Spyware
- Denial of service attacks
- Transmission vectors, e.g. spam
- Readings: Bishop, Chapter 22, Malicious Logic
- Lectures: 9 (October 20)
- Countermeasures (November 27)
- Firewalls
- Virus checkers
- Patch and configuration management
- Readings: Bishop, Chapters 26 and 27, Network and System Security
- Lectures: 10 (October 27)
- Intrusion detection and response (November 3)
- Commercial Itrusion Detection Systems
- Research Itrusion Detection Systems
- Response systems
- Readings: Bishop, Chapter 25, Intrusion Detection
- Readings: Papers
- Lectures: 11 (November 3)
- Taimur Aslam, Ivan Krsul, and Eugene H. Spafford, A Taxonomy of
Security Faults, Proceedings of the National Computer Security
Conference, Coast TR 96-05, 1996.
- C. Ko, G. Fink, K. Levitt, Automated
Detection of Vulnerabilities in Privileged Programs by Execution
Monitoring, Proc. of the 10th Annual Computer Security
Applications Conference, December 1994, pp 134-144.
- Debra Anderson, Thane Frivold, and Alfonso Valdes, Next Generation Intrusion Detection
Expert System (NIDES) a Summary, SRI Computer Science Laboratory
Technical Report SRI-CSL-95-07, May 1995.
- The Human Element (November 10)
- Trusted Computing(November 17)
- New Thinking and New Environemtns for Security (December 1)
- Final Examiniation (Monday December 11) 11:00 AM to 1:00 PM.
- The final exam will be held during finals week, at the date and
time assigned by the University.
- The final exam is comprehensive, covering all material from the
course.
- The final examination will be open book.