Syllabus # date topic notes 1. Fri, Oct 1 Introduction: what is computer security 2. Discussion: Trust, risk analysis, non-technical threats Mon, Oct 4 no class (SANS Network Security) 3. Wed, Oct 6 Robust programming rules and examples 4. Fri, Oct 8 Robust programming rules and examples (con't) Discussion: Social engineering 5. Mon, Oct 11 Vulnerability models, attack models, relationship homework #1 due 6. Wed, Oct 13 Penetration analyses, Flaw Hypothesis Methodology project part 1 due 7. Fri, Oct 15 Intrusion detection last day to add course 8. Discussion: Classical cryptography; ROT-13, DES Mon, Oct 18 no class (National Information Systems Security Conf.) 9. Wed. Oct 20 Public-key cryptography; Diffie-Hellman; RSA last day to drop course 10. Fri, Oct 22 Access control matrix; security policies Discussion: Policies at UC Davis 11. Mon, Oct 25 Security policies (con't) homework #2 due 12. Wed, Oct 28 Authentication: passwords, crypt(3), attacks 13. Fri, Oct 29 Users, groups, roles project part 2 due Discussion: Review for midterm 13. Mon, Nov 1 midterm 14. Wed, Nov 3 Access control lists, capabilities, locks and keys last day to change to P/NP or S/U grading 15. Fri, Nov 5 Access rings, PACLs Discussion: Go through midterm; S/Key 16. Mon, Nov 8 Malicious logic: Trojan horses, viruses, worms homework #3 due 17. Wed, Nov 10 Defending against malicious logic; property-based testing 18. Fri, Nov. 12 Auditing and logging Discussion: Examples of famous malicious logic; isolation 19. Mon, Nov. 15 Secure systems; design hierarchy; trusted operating systems 20. Wed, Nov. 17 Network security; cryptography as a tool 21. Fri, Nov. 19 Analyzing network protocols Discussion: Cryptographic protocols; X.509 failure 22. Mon, Nov 22 Security in network administration homework #4 due 23. Wed, Nov 24 Security in system administration Fri, Nov 26 no class (Thanksgiving) Discussion: none (Thanksgiving) 24. Mon, Nov 29 Security in system use 25. Wed, Dec 1 Security in programming; principles and design 26. Fri, Dec 3 Security in programming: UNIX implementation Discussion: UNIX security tools 27. Mon, Dec 6 Denial of service homework #5 due 28. Wed, Dec 8 Computability; HRU result, Take-Grant 29. Fri, Dec 10 to be determined project part3 due Discussion: Review for final Tue, Dec 14 final exam Please note that this syllabus is tentative and subject to change. If you want to hear about a topic not listed above, or that you are not sure we'll cover, please let me know!