|
|
|
|
| Date | Lecture No. | Slides | Readings |
| 8/23/10 | Lecture 1 | Introduction to class and computer security overview. (pdf) | "Computer Security: Art and Science" (CS) Chapter 1 |
| 8/25/10 | Lecture 2 | Security Policy (pdf) | CS Chapter 4 (skip last section) |
| 8/29/10 | Lecture 3 | Risk Analysis (pdf) | CS Chapter 1 and risk analysis readings on compass. |
| 8/30/10 | Lecture 4 | Class exercise: Risk analysis | |
| 9/1/10 | Lecture 5 | Classical cryptography (pdf) | CS Chapter 9 section 1 through 2.2 |
| 9/3/10 | Lecture 6 | Enigma movie. Link posted on class newsgroup. | |
| 9/8/10 | Lecture 7 | Private key cryptography. (pdf) |
CS Chapter 9 section 2.3 and 2.4 |
| 9/10/10 | Lecture 8 | Review symetric ciphers and address cipher techniques. | CS Chapter 11 section 1 and 2 |
| 9/13/10 | Lecture 9 | Class exercise: A card-based stream cipher. Bring a deck of cards with two jokers. I'll have a few extra decks but not enough for everyone. Exercise notes Updated notes to reflect correction to the value of Ace of hearts and new encrytped value. | Schneier's description of the Solitaire Encryption Algorithm |
| 9/15/10 | Lecture 10 | Public key cryptography (pdf) | CS Chapter 9 section 3 |
| 9/17/10 |
Lecture 11 |
Crypto Hashes. Slides in Lecture 10's slide deck. | CS Chapter 9 section 4 |
| 9/20/10 | Lecture 12 |
Key Management (pdf) |
CS Chapter 10 |
| 9/22/10 | Lecture 13 | Continue on with key management. | |
| 9/24/10 | Lecture 14 | Authentication (pdf) | CS Chapter 12 |
| 9/27/10 | Lecture 15 | Class exercise: PKI and certificates PKI scenario Certificates | |
| 9/29/10 | Lecture 16 | Access Control Techniques (pdf) | CS Chapter 2 |
| 10/1/10 | Lecture 17 | Finish Basic Access Control techniques. | |
| 10/4/10 | Lecture 18 |
Exam review(
pdf) Exam from 2008 Exam key. Access control topics were covered on the exam that year. |
Exam ground rules:
|
| 10/06/10 | Exam 1 | Exam 1: Covering basic policy, risk analysis, applied cryptography, and general OS security. | Exam given in class room at normal lecture time. You will be given 50 minutes to complete the exam. |
| 10/8/10 | Lecture 19 |
Discuss exam results Finish access control |
Exam comments |
| 10/11/10 | Lecture 20 | Confidentiality Policy (pdf) |
CS Chapters 5 (5.1 and 5.2 up to the beginning of 5.2.3, and 5.3) and 30
(Lattices). Additional readings if you are interested in digging deeper: BLP original papers: vol 1 vol 2. McLean's dagger property paper and McLean's Z system paper |
| 10/13/10 | Lecture 21 | Integrity Policies (pdf) | CS Chapter 6 |
| 10/15/10 | Lecture 22 | DB Security (pdf) | Griffiths and Wade, "An Authorization Mechanism for a Relational Database" |
| 10/18/10 | Lecture 23 | Class exercise: Lipner's Integrity Matrix Model | |
| 10/20/10 | Lecture 24 | System Evaluation: Common Criteria System evaluation (pdf) | CS Chapter 21 |
| 10/22/10 | Lecture 25 |
Finish Common Criteria Evaluations Design principles (pdf) |
CS Chapter 13 |
| 10/25/10 | Lecture 26 | System assurance (pdf) | CS chapter 18 |
| 10/27/10 | Lecture 27 | Designing secure software (pdf) | CS chapter 19 and Threat analysis reading posted to compass |
| 10/29/10 | Lecture 28 | Malware (pdf) | CS Chapter 22 |
| 11/1/10 | Lecture 29 | More malware | |
| 11/3/10 | Lecture 30 | More Malware | |
| 11/5/10 | Lecture 31 | Network threats and networking review (pdf) | CS Chapter 26 |
| 11/8/10 | Lecture 32 | More network threats. | CS Chapter 26 |
| 11/10/10 | Lecture 33 | Network security controls and architecture (pdf) | |
| 11/12/10 | Lecture 34 | Guest Lecture: Matt Sellman, FBI | |
| 11/15/10 | Lecture 35 |
Exam review
(pdf) Exam from a past year Key from a past year This year's exam will not cover security and the law. That will be deferred to the final. |
|
| 11/17/10 | Exam 2 | Exam 2: Covering Databases, Trusted OS, Malware, Software assurance, network security | In 1310 DCL at normal class time |
| 11/19/10 | Lecture 36 | Return exam. | Exam 2 comments |
| 11/29/10 | Lecture 37 | Security and Law (pdf) | Reading on compass |
| 12/1/10 | Lecture 38 | Physical security and forensics (pdf) | Reading on compass |
| 12/3/10 | Lecture 39 | EMSEC | Soft TEMPEST paper |
| 12/6/10 | Lecture 40 | IPSEC and SSL (pdf) | CS Chapter 11 |
| 12/8/10 | Lecture 41 | Final exam review
(pdf) 2009 final and 2009 key Note: we covered wireless in 2009 but not this year. |
|
| 12/16/10 | Class Final | Cumulative final at 8am in 1320 DCL. |