From the Oberlin catalog course description:
Introduce Students to fundamental concepts in computer and information security. Topics that may be covered include: threats and vulnerabilities, malicious software, defensive programming techniques, basic cryptography, models of security, auditing, intrusion detection, basic database security, digital rights management, and issues of laws and ethics related to information security. This course is designed to present a broad survey of the field rather than an in depth study of a particular portion.
My goals and objectives for students taking this course are as follows:
The text for this course will be the following:
Security in Computing by Pfleeger & Pfleeger, 3rd edition.
Security Engineering by Ross Anderson.
For a more theoretical treatment, there is also:
There are also a large number of sites on security that are available. If you stumble across anything particularly interesting, let me know so I can add it here.
Grades will be calculated based on the following distribution:
The distribution might be adjusted based on the progression of the course.
Regular class attendance and participation is expected. Please talk to me if regular class attendance is going to be a problem.
There will be a number of assignments made in this class. I expect every student to attempt each assignment and turn in the results. You are encouraged to complete every assignment as this is one of the most effective ways to learn the material.
If you know that for some reason you will not be able to submit the assignment before the deadline, you should contact me in advance of the deadline. Extensions are only granted in exceptional circumstances, but need to be done in advance.
Late assignments will be penalized 10% per day. Extra credit will not be accepted after the initial deadline.
If you have a disability that might impact your performance in this course, or requires special accommodation, please contact me as soon as possible so that appropriate arrangements can be made. Support is available through Student Academic Services, specifically Jane Boomer. You will need to contact them to get your disability documented before accommodations can be made.
I have very low tolerance for academic dishonesty, and will vigorously pursue available remedies for any incidents. All work in this class is to be performed according to the Oberlin Honor Code. Specifically I expect that:
All assignments must include the following signed statement:
"I affirm that I have adhered to the Honor Code in this assignment."
Electronic submissions should include the honor statement in either the README or comments and must include your name.
|1||Sep 04||Labor Day [No Class]|
|Sep 06||Read Reflections on Trusting Trust for Friday.||Introduction to computer security
|Sep 08||Homework 1|
|Sep 13||Last Day to Add/Drop (Sep 14)||Basic Cryptography
|Sep 15||Homework 2|
|4||Sep 25||Homework 3|
|Sep 27||Read Smashing the Stack for Fun and Profit for Friday.||Program Security and Malware
|5||Oct 02||Yom Kippur [No Class]|
|Oct 04||Program Security and Malware
|6||Oct 09||Homework 4|
|Oct 13||Midterm Exam|
|Oct 16||October Break (Oct 14-22)|
|7||Oct 23||Program Security and Malware
|Oct 27||Electronic Voting|
|8||Oct 30||Malware Mitigation, Testing Methodologies|
|9||Nov 06||Last Day for P/NP, CR/NE, or Withdraw (Nov 07)||OS Security|
|Nov 08||Homework 5|
|10||Nov 13||Trusted OS design|
|11||Nov 20||Database Security||Homework 6|
|Nov 24||Thanksgiving Break (Nov 23-26)|
|12||Nov 27||Network Security and Intrusion Detection|
|Nov 29||Rough draft is due at the start of class. This is worth 10% of your final grade.|
|Dec 06||Legal and Ethical Issues|
|Dec 08||I will be out of town for a conference|
|14||Dec 11||Class presentation in King 306
|Dec 13||Class presentation in King 306
|Dec 18||Final Exam (2-4:00pm)|
Homeworks are listed in the schedule above on the far right hand side. Unless otherwise specified, they are due at the start of class and must be done individually. I prefer typed answers to hand-written ones because if I can't read it, then I can't grade it.
You are responsible for a semester long research project. Work is divided into several stages.