Current Official Catalog Description
Study of computer security including assurance, authorization, authentication, key distribution, encryption, threats including phishing and key logging, and related distributed computing issues. Theory and practical applications.
The current computing and networking systems have vulnerabilities that make these systems prone to attacks, regularly resulting in financial, physical and emotional losses worldwide. This insecure state of current systems can be attributed to their poor or after-the fact security design, an under-estimation of the underlying threat model and adversarial capabilities, buggy software, and perhaps most importantly, a dearth of security awareness, skills and education. The goal of this course is, in particular, to help address the latter issue, and introduce the students to the fun world of computer security.
The students will not only learn the existing weaknesses and vulnerabilities present in the computer systems but also study fundamental approaches to secure the systems. Specifically, the covered security approaches include (but are not limited to): cryptographic constructs and protocols (for example, for achieving confidentiality, authentication, and integrity); key distribution; risk analysis and threat modeling; user-involved security practices; and privacy-preserving communication. Besides studying these fundamental topics, the students will also be introduced, from time to time, to the cutting-edge research results in Security.