This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: CS 42600 Computer Security Samuel Wagstaff January 19, 2012 CS 42600, Spring, 2012, 4:30–5:45 PM, HAAS G066. Instructor: Samuel Wagstaff Office: 1167 LWSN Phone: 494-6022 Email: [email protected] Office Hours: Tuesday 1–2 PM, Thursday 2–3 PM. Teaching Assistant: Vaishnavi Chandrasekaran Office: B116H Phone: TBA Email: [email protected] Office Hours: Tuesday: noon – 2 PM Course Description This course considers those aspects of computer security other than cryptogra- phy. (Cryptography is taught in CS 35500.) CS 42600 covers these topics: The meaning of security, types of attacks, threats, vulnerabilities, controls, types of computer criminals, methods of defense. In the area of program security, it covers types of flaws, both malicious and nonmalicious, viruses, worms, covert channels, salami attacks, and what can be done to prevent them. In the area of operating system security, it covers protection of objects, memory, segmentation, paging, access control list and matrix, capabilities, file protection, user authentication by passwords and other methods. In the area of trusted operating system security, it covers military security policy, commercial security policy, comparison of design of trusted and ordinary operating systems, kernel design, separation, virtualization, layers, assurance, open source and evaluation. In the area of database security, it covers requirements, auditing, access control, user authentication, availability, integrity, confidentiality, reliability, re- dundancy, consistency, recovery, monitors, inference, disclosure and granularity. 1 In the area of network security, it covers network topology, eavesdropping, wiretapping, impersonation, spoofing, confidentiality, integrity, denial of ser- vice, security controls, access controls, alarms, honeypots, traffic flow security, firewalls, intrusion detection systems and secure email. In the area of security administration, it covers security planning, continuity plans, risk analysis, organizational policies and physical security. Finally, the class considers program protection by copyright, patent and trade secret laws, ownership of computer data, legal responsibility of software vendors, computer crime, privacy and ethics. Prerequisites The student should have some knowledge of how computers, operating systems and networks work. This material is covered in the classes CS 250000, CS 25200 CS 35400 and CS 42200. Students who have not taken all of these classes may be able to learn the needed material through extra reading when certain topics are covered. Course Goals The course goals are to learn what computer security is and how it is done for programs, operating systems, trusted operating systems, databases and net- works. Students should also learn how security is administered and be familiar with legal, ethical and privacy issues related to computer security....
View Full Document
- Spring '08
- Computer Security