CS 410-3
Computer Security
Catalog Description
A broad overview of the principles, mechanisms, and implementations of computer security. Topics include cryptography, access control, software security and malicious code, trusted systems, network security and electronic commerce, audit and monitoring, risk management and disaster recovery, military security and information warfare, physical security, privacy and copyrights, and legal issues.
Prerequisite:
CS306 with a grade of C or better.
Objectives
1.To introduce the principles, mechanisms and implementation of information and communication security in computer systems and networks.
2.To provide an understanding of the fundamentals of cryptography and its deployment.
3.To provide a thorough coverage of the up-to-date security protocols and explain the design criteria and possible flaws behind them.
4.To provide an understanding of security threats and their countermeasures.
5.To teach students how to build secure software and systems.
6.To have students gain hands-on experience with programming techniques for security protocols.
Course Outline
| Lectures | ||
| 1. | Introduction
security goals types of threats security policies models, security standards |
2 |
| 2. | Cryptography
classical ciphers stream and block ciphers public-key encryption hashes and message digests signature schemes key establishment and management |
12 |
| 3. | Network security
PKI E-mail security IP security Web security virtual private networks sniffing and spoofing firewalls denial-of-service attacks electronic commerce wireless security |
11 |
| 4. | System security
access control authentication and authorization file protection intrusion detection trusted computing and digital rights management Unix security |
8 |
| 5. | Program security
buffer overflow attacks viruses and worms Trojan horses proof-carrying code sandboxing Java security |
4 |
| 6. | Physical security, operational security, ethical and legal issues in security | 5 |
| Total | 40 | |