Tentative Lecture Plan
The tentative lecture flow will be as follows. Some changes may occur depending upon the pace of the class. In the table below, text in GREEN in the Topics column represents notes I add after the class, in particular with regard to coverage.

Some helpful notes: Some previous experiences of the students and mine that may be helpful to you are as follows:
- Students who have taken this course have felt that this is a very dense course; the primary reason for it being dense is our goal to maintain the NSA IA standards.
- In earlier offerings of this course, students who lacked a strong mathematical background found the first half of the course, which is focused on theoretical issues, quite challenging. Students are strongly recommended to read the materials before they are covered in class. Most of the lecture materials will be similar to earlier offerings of the course, with updates and corrections.
- The second half of the course content is much softer and less effort is needed to understand the concepts, but a lot of reading is required. This helps students concentrate more on projects and labs/programming assignments.
- The course is designed primarily with the overall security track in mind. The coverage is also expected to provide foundational knowledge and a broad understanding of the security field, if this is the only course the student plans to take.
Course Handout
Tentative Course Schedule
| Lecture/Date | Topics | Slides |
|---|---|---|
| Week 1 (Aug 30) | Introduction to the course; Chap 1: Overview of Security [Covered except slides 31-36 of Lecture 1] | (Lecture 1) (PDF) |
| Week 2 (Sept 6) | Chap 12: Secure Design Principles; Chap 2.2 Access Control Matrix; Access control in OS [Covered till slide 32 of Lecture 2] | (Lecture 2) (PDF) |
| Week 3 (Sept 13) | Mathematical Review (Bishop's brown book has short intro on these topics - Logic, Induction and Lattice); Chap 4: Security Policies (not covered yet) [Covered till slide 9 of Lecture 3] | (Lecture 3) (PDF) |
| Week 4 (Sept 20) | Chap 2 - 3: HRU Access Control Model and results | (Lecture 4) (PDF) |
| Week 5 (Sept 27) | Chap 4. Security Policies; Lattice (Which was not covered in Week 3); Chap 5: Confidentiality policies; Section 6.2: Biba's Integrity; Note: [Covered till Slide 31 of Lecture 5] | (Lecture 5) (PDF) |
| Week 6 (Oct 4) | Chap 7. Integrity Policy; Role Based Access Control (Read NIST RBAC paper) [Could not cover RBAC] | (Lecture 6) (PDF) |
| Week 7 (Oct 11) | Role Based Access Control Model; Take Grant Model (In Chapter 3 of Bishop's brown book - linked to online version from main page) [Note that Lecture 7 includes slides for RBAC which were in Lecture 6 also] [Covered till Slide 20] | (Lecture 7) (PDF) |
| (Oct 18) | Midterm | |
| Week 8 (Oct 25) | Chap 9: Basic Cryptography and Network Security (We'll start Lecture 8 this week and leave the uncovered portion in Lecture 7 for later if time is available) | (Lecture 8) (PDF) (Project) |
| Week 9 (Nov 1) | Chap 18: Evaluation; Risk Management, Legal & Ethical Issues, Physical protection, & Common Criteria (Some Reading Materials); Link for Legal & Ethical Issues: ; I am out of town on Nov 1. The GSA will be taking the class. Note that this content was earlier scheduled for Week 10 - I swapped it. | (Lecture 9) (PDF) |
| Week 10 (Nov 8) | Chap 9: Key Management [Covered till Slide 30] | (Lecture 10) (PDF) |
| Week 11 (Nov 15) CollaborateCom | Chap 10, 11: Network Security, Authentication and identity [Covered till Slide 9] | (Lecture 11) (PDF) |
| (Nov 22) | Thanksgiving | |
| Week 12 (Nov 29) | Malicious code, Vulnerability Analysis, Intrusion Detection & Auditing [Covered till Slide 19] [EXAM WILL INCLUDE ONLY TILL SLIDE 19 of LECTURE 12] | (Lecture 12) (PDF) |
| Week 13 (Dec 6) | Integer, String, Race Conditions, Buffer Overflow [Covered All] | (Lecture 13) (PDF) |
| Week 14 (Dec 13) | Final | |