ISA 562: Information Security Theory and Practice, Fall 2017

Course Overview


This course provides and introduction to information security. We will cover various topics, including a brief introduction to cryptography, network security, operating systems and programming language security, and web security. We will also learn about security as a process.

Will understand the specific forms of the most common attacks on computer systems, and the common methods for addressing these attacks.
We will understand the basics of cryptography, including block ciphers, message authentication, and identification protocols.
We will understand the continuous process of securing real world systems.

There is no required textbook for this course. However, the material covered in class will rely heavily on the following book.
Title: Introduction to Computer Security 1st edition.
Authors: Michael Goodrich and Roberto Tamassia

Course Requirements

Homework -- 40%
Exams -- 60%
Of these exams the highest score will count 35%, and the lowest 25%.

There will be 4 homework assignments. Each one is due on a Monday, at 9am, and lab reports should be uploaded to blackboard. Students are expected to work independently on these assignments, but are encouraged to seek help from the TA on homework related questions. It is OK to seek help from your peers on issues related to setting up the system environment. Except in extreme cases (e.g. with a doctor's note), homework grades will be reduced by 10% for each day that they are late. I will not grant extensions, as I cannot fairly decide who deserves an extension and who does not, and I am unwilling to provide any student with an advantage over other students.

All testing is closed book, and notes are not permitted. The two exams, including the final, each cover about a half of the semester. The final is not cumulative. The date of the final exam, as specified by the university, is 12/19 at 4:30pm.


Tentative Schedule

Week Topic Material
8/29 Introduction, and start of cryptography Lecture 1 slides and notes
9/5 Cryptography: encryption Lecture 2 notes
9/12 Cryptography: authentication Lecture 3 notes
9/19 Cryptography: password security and identification protocols Lecture 4 notes
9/26 Network security Lecture 5 notes. Hw1 due, 9/25.
10/3 Network security Lecture 6 notes
10/10 No Class  
10/17 Midterm Hw2 due, 10/16
10/24 Web Security Lecture 7 notes
10/31 Operating Systems security Lecture 8 notes
11/7 Buffer Overflows Lecture 9 notes
11/14 Malware Lecture 10 notes
11/21 Anonymity and Privacy Lecture 11 notes. HW3 due, 11/20
11/28 Operations security; risk management; incident handling; continuity planning Lecture 12 notes. HW4 due, 12/11
12/5 Catch up and Review