CSCI 0421: Information Assurance Management

 

 

Instructor:

Dr. Wei-Shinn Ku 
Office: Shelby Center for Engineering Technology, Suite 3108  
Email: weishinn@auburn.edu
Website: http://www.eng.auburn.edu/~weishinn/CSCI0421

Place and Time:

11:00 am – 12:30 pm, Tue., Thu.

                      

Course Objectives:

Students who have completed this course should be capable of doing the following:

  • learn how access to systems, resources, and data can be controlled;
  • understand the strengths, and weaknesses of cryptography as a tool of security;
  • learn about security in UNIX and programming environments;
  • learn how to attack a system, and to defend it by analyzing the system for vulnerabilities;
  • understand security issues in networks.

Prerequisite:

N/A

Text:

Matt Bishop, “Introduction to Computer Security”, Addison-Wesley, 2004, ISBN 0-321-24744-2

Grading:

Class Participation: 10%

Homework: 30%

Midterm: 30%  
Term Report: 30%     

Policies: Due date will be strictly enforced. No work will be accepted after the deadline.

Topics Covered:

Topics covered include: (These topics may change)

  • Basic components of computer security
  • Integrity models
  • Authentication
  • Robust programming principles
  • Classical cryptography
  • System analysis
  • Principles of secure design
  • Vulnerability models
  • High-level policy languages
  • Network security
  • Key exchange

Participation:

It is required that you attend class on a regular basis. Class participation is very important to the organization of the course. Exams will be based upon presentations and class discussions.

 

 

  Date 

Topics

1. Jan. 15

Course Introduction 

2. Jan. 17

An Overview of Computer Security

3. Jan. 22

Access Control Matrix

4. Jan. 24

No class (TSYS meeting in Georgia)

5. Jan. 29

Foundational Results

6. Jan. 31

Security Policies (1)

7. Feb. 5

Security Policies (2)

8. Feb. 7

Confidentiality Policies (1)     Homework 1

9. Feb. 12

Confidentiality Policies (2)

10. Feb. 14

Integrity Policies

11. Feb. 19

No class (travel to NSF)

12. Feb. 21

Hybrid Policies (1)

13. Feb. 26

No class (CRA Workshop in Washington D.C.)

14. Feb. 28

Midterm exam

15. Mar. 4

Spring Break

16. Mar. 6

Spring Break

17. Mar. 11

Hybrid Policies (2)

18. Mar. 13

Basic Cryptography (1)     Homework 2

19. Mar. 18

Basic Cryptography (2)    

20. Mar. 20

Easter Break

21. Mar. 25

Basic Cryptography (3)

22. Mar. 27

Key Management (1)

23. Apr. 1

Key Management (2)

24. Apr. 3

Cipher Techniques (1)

25. Apr. 8

Cipher Techniques (2)     Homework 3

26. Apr. 10

Cipher Techniques (3)

27. Apr. 15

Authentication

28. Apr. 17

Information Flow

29. Apr. 22

Introduction to Assurance

30. Apr. 24

No class (MDM conference in Beijing)

Apr. 26

Term report due

(email your report to the instructor)