Course Home Lectures Assignments Submitting Homework

COMS W4187 — Security Architecture and Engineering — Fall '07

TuTh 02:40-03:55 PM
545 Mudd


Readings
TAs
Prerequisites
Homework Policy
Grading
Courseworks
Computer security concepts and mechanisms; measures employed in countering such threats. Concepts and tools available in order to assume an appropriate security posture. Foundations of security. Identification, authentication, authorization. Software design for security and assurance. Hardware assists. Security architecture; design for security. Security tradeoffs.

  • What is security?
  • Security models (Bell-Lapadula, Biba, etc.)
  • Designing for/with security
  • Identity, authentication, authorization, audit
  • Device and software authentication
  • Assurance
  • Confinement
  • Software security
  • Hardware features
  • Random number generators
  • Biometrics
  • Security for large-scale distributed systems
  • Security architecture
  • Engineering tradeoffs

Readings

Most readings will be from primary sources. There will be some material from Security Engineering, Ross Anderson, Wiley, 2001, ISBN 0471389226. I expect that most people will prefer to use the online copy, given the nature of the material.

There will be a few suggested readings from Introduction to Computer Security, Matt Bishop, Addison-Wesley, 2005, ISBN 0-321-24744-2. I do not suggest that you buy the book (and I have not ordered copies); I have put it on reserve in the library.

TAs

Hang Zhao

Prerequisites

You must be able to program in C or C++.

You should have a decent knowledge of computer architecture. Operating Systems (W4118) and Introduction to Cryptography (W4261) are helpful but not required.

Homework Policy

There will be approximately five homework assignments, each consisting of a written part (30%) and a programming part (70%).

Unless otherwise instructed, all homeworks must be written in C or C++. Java is not acceptable; don't bother asking.

Grading

Homeworks 50%
Midterm 20%
Final 30%

All exams are open book. This means that there won't be any "define Foo" questions. Most questions will ask you to think and to integrate material from different lectures.

Final grades are curved.

The final exam will be on Thursday, 12/20/2007, 1:10pm - 4:00pm, in Mudd 545.

Courseworks

Unless there is significant sentiment to the contrary, I will not use Courseworks except for the gradebook and the discussion list. All lectures and homework assignments will be posted on this web site.