CS 458 Computer Security and Privacy
This course provides an introduction to security and privacy issues in various aspects of computing, including programs, operating systems, networks, databases, and Internet applications. It examines causes of security and privacy breaches, and gives methods to help prevent them.
Students completing this course should be better able to produce programs that can defend against active attacks, and not just against random bugs.
Third or fourth year CS students, or first year CS graduate students.
Prerequisites: CS 350 or SE 350; Computer Science students only.
Antirequisites: ECE 458.
Security in Computing, 4th Edition, by Charles P. Pfleeger and Shari Lawrence Pfleeger.
3 hours of lectures per week. Normally available in Fall, Winter and Spring.
Introduction to Computer Security and Privacy (1.5 hours)
The meaning of computer security; comparing security with privacy; types of threats and attacks; methods of defense
Program Security (6 hours)
Secure programs; nonmalicious program errors; malicious code; controls against program threats
Operating System Security (6 hours)
Methods of protection; access control; user authentication
Network Security (4.5 hours)
Network threats; firewalls, intrusion detection systems
Internet Application Security and Privacy (9 hours)
Basics of cryptography; security and privacy for Internet applications (email, instant messaging, web browsing); privacy-enhancing technologies
Database Security and Privacy (4.5 hours)
Security and privacy requirements; reliability, integrity, and privacy; inference; data mining; k-anonymity
Non-technical Aspects (4.5 hours)
Administration of security systems; policies; physical security; economics of security; legal and ethical issues