MonWed 02:40-3:55 PM
Room 545 Mudd

Computer security concepts and mechanisms; measures employed in countering such threats. Concepts and tools available in order to assume an appropriate security posture. Foundations of security. Identification, authentication, authorization. Software design for security and assurance. Hardware assists. Security architecture; design for security. Security tradeoffs.

  • What is security?
  • Security models (Bell-Lapadula, Biba, etc.)
  • Designing for/with security
  • Identity, authentication, authorization, audit
  • Device and software authentication
  • Assurance
  • Confinement
  • Software security
  • Hardware features
  • Random number generators
  • Biometrics
  • Security for large-scale distributed systems
  • Security architecture
  • Engineering tradeoffs


The primary text is
The Craft of System Security, Sean Smith and John Marchesini, Addison-Wesley, 2007, ISBN 0-321-43483-8. Some readings will be from primary sources.

The other text is the draft manuscript of a book I'm writing. Hardcopy will be available in the CS department office, for about $25.


Yibo Zhu <yz2486@cs....> Thursday 2:00-3:00 Mudd 122A
Jill Jermyn <jill@cs....> Wednesday 1:30-2:30 CEPSR 7LW1
Georgios Kontaxis <kontaxis@cs....> Monday 4:10-5:00 CSB 521


You must be able to program in C or C++. If you can't, you should seriously consider dropping this class.

You should have a decent knowledge of computer architecture. Operating Systems (W4118) and Introduction to Cryptography (W4261) are helpful but not required. (Note: the official bulletin says that W4118 is a prerequisite. Ignore that...)

Homework Policy

There will be four or five homework assignments, each consisting of a written part (30%) and a programming part (70%). Three or four of the homeworks will be part of a single, large project.

Unless otherwise instructed, all homeworks must be written in C or C++. Java is not acceptable; don't bother asking.

Late assignments are subject to increasing penalties. There are no grace days or "free lates". See the slides from the first class for details.


Homeworks 50%
Midterm 20%
Final 30%
The percentages will be adjusted slightly if there are only four homework assignments.

All exams are open book. This means that there won't be any "define Foo" questions. Most questions will ask you to think and to integrate material from different lectures.

Final grades are curved.

The tentative date for the midterm is Wednesday, XXX The final exam will be at the date and time scheduled for this class by the registrar.


Unless there is significant sentiment to the contrary, I will not use Courseworks except for the gradebook and the discussion list. All lectures and homework assignments will be posted on this web site.