Computer Science 530 - Syllabus and Reading List -- Fall 2009

This is a preliminary Syllabus and reading list. Most topics will take several lectures to cover. In addition to the primary discussion for each lecture, 10 minutes of each lecture will be set aside for discussion of current events in the computer security arena. Topics may change as we bring the course material up to date with current practice. Dates may change depending on progress throug the semester. Reading assignments are designated as such. Links from system names in the syllabus are for general information only.

Readings are on topics related to the lecture, but lectures are not from the book. Students are expected to have have completed the assigned readings prior to lecture so that they have backround appropriate for class discussion.

Date	Topic/Readings	Slides	Lab Info
Lecture 1 August 28	The Security Problem A working definition of security Evaluating security Systems security vs network security vs data security Societal aspects of security, ethical and legal foundations Readings: Bishop, Chapter 1, An Overview of Computer Security	Lec 1 PPT or Part I at slide 2	Lab Introduction.
Lecture 2 September 4 2009	Cryptography - An Overview Secret key cryptography Public key cryptography Hashes and message digests Steganography Readings: Bishop, Chapter 9, Basic Cryprography Bishop, Chapter 11 (only through section through 11.2), Cipher Techniques Garfinkel (Is Encryption Doomed)	Lec 2 PPT or Part I at slide 30	Packet Sniffing
Lecture 3 September 11 2009	Key management Diffie-Hellman Key Exchange Ties to Authentication Protocols Public-key Key Exchange (PGP, X.500, S/MIME) Peer-to-peer Group key management Readings: Bishop, Chapter 10, Key Management Needham and Schroeder (you may need to use the VPN for access) Rafaeli and Hutchison (you may need to use the VPN for access)	Lec 3 PPT or Part I at slide 74	Cryptography
Lecture 4,5 September 18,25 2009	Authentication and Identity Management Password-based authentication Unix vs Windows Kerberos X.500 Hardware authentication Biometrics (plus more material to be added) Readings Bishop, Chapter 12, Authentication Lamport Neuman, Ts'o (Kerberos) Neuman and Stubblebine (Timestamps vs. Nonces) Kormann and Rubin (Risks of Passport)	Lec 4 PPT Lec 5 PPT or Part I at slide 127	Authentication, Authorization
Lecture 6 October 2, 2009	Authorization and Policy Policy ACLs GAA-API Readings: Barkley: Comparing Simple Role Based Access Control Models and Access Control Lists) Ryutov,Neuman,Kim,Zhou: Integrated Access Control and Intrusion Detection for Web Servers Readings: Bishop, Chapter 2, Access Control Matrix Readings: Bishop, Chapter 4, Security Policies Readings: Bishop, Chapter 5, Confidentiality Policies	Lec 6 PPT or Part I at slide 174	TBS
Mid-term October 9 2009	Mid-Term Exam (9:00 AM - 10:40 AM) Short lecture following at 11:00 AM (See next lecture block for content)	see below	TBS
Lecture 7,8 October 9,16 2009	Untrusted Computing - e.g. Malicious Code (Short lecture with intro on 10th, rest of topic on 17th) Viruses Worms Spyware Denial of service attacks Transmission vectors, e.g. spam Readings Moore, Paxon, Savage, Shannon, Stanford & Weaver: Inside the Slammer Worm Thompson, Ken: Reflections on Trusting Trust - ACM Turing Award Lecture 1984 Readings: Bishop, Chapter 22, Malicious Logic	Part II at slide 1	TBS
Lecture 9 October 23 2009	Countermeasures Firewalls Virus checkers Patch and configuration management Readings Bishop, Chapters 26 and 27, Network and System Security	Part II at slide 30 starting @45	Firewalls
Lecture 10 October 30 2009 (will extend into lecture 11)	Intrusion detection and response Commercial Itrusion Detection Systems Research Itrusion Detection Systems Response systems Readings Bishop, Chapter 25, Intrusion Detection Taimur Aslam, Ivan Krsul, and Eugene H. Spafford, A Taxonomy of Security Faults, Proceedings of the National Computer Security Conference, Coast TR 96-05, 1996. C. Ko, G. Fink, K. Levitt, Automated Detection of Vulnerabilities in Privileged Programs by Execution Monitoring, Proc. of the 10th Annual Computer Security Applications Conference, December 1994, pp 134-144. Debra Anderson, Thane Frivold, and Alfonso Valdes, Next Generation Intrusion Detection Expert System (NIDES) a Summary, SRI Computer Science Laboratory Technical Report SRI-CSL-95-07, May 1995. S Singh, C Estan, G Varghese, S Savage, The EarlyBird System for Real-time Detection of Unknown Worms , ACM Workshop on Hot Topics in Networks, 2003.	Part II	Intrusion Detection
Lecture 11 November 6 2009	The Human Element Social Engineering Phishing Character sets Complexity of proper security deployment Configuration issues Passwords Readings Phinding Phish: Evaluating Anti-Phishing Tools, Zhang, Egelman, Cranor and Hong, 2007 Internet Society Symposium on Network and Distributed Systems Security.	Part II	TBS
Lecture 12,13 November 13 2009	Trusted Computing The Public Perception of Trusted Computing The Hardware Basis for Trusted Computing The Software and OS Basis for Trusted Computing Virtualization Negotiating Trust and Obligation Case Studies Readings Glance at the web site for the Trusted Computing Group Vivek Haldar, Deepak Chandra and Michael Franz, Semantic Remote Attestation -- A Virtual Machine directed approach to Trusted Computing In proceedigs of the 3rd Virtual Machine Research and Technology Symposium. Additional papers will be posted later in the semester	Part II	TBS
Lecture 12,13 November 20 2009	Privacy Cyber-Physical Systems Requirements for Security Need for performance isolation Security for Cloud Computing Readings Challenges in Security for Cyber-Physical Systems Security risks in Cloud Computing from InfoWorld July 2, 2008.	Part II	TBS
TG November 27 2009	Thanksgiving Recess, No Lecture	N/A	None
Lecture 14 December 4 2009	SCADA and Cyber-Physical Systems Security Selected Topics and Review	Part II	None
Final Exam Monday December 14, 2009	Final Exam (11:00 AM - 1:00 PM)	N/A	None