Course Description 
CS 451 - Information Security

Fall  2006


Instructor: Professor Anita Jones, Olsson Hall 223, 982-2224.

Address mail to Professor Jones as "jones" followed by <AT> cs.virginia.edu

Meetings: Monday and Wednesday, 2 - 3:15 pm in MEC 341

Jones' Office Hours: 1 - 3pm, Tuesdays in Olsson 223, and by appointment

Teaching assistant:  Mike Holroyd

Address mail to Mike Holroyd as "holroyd" followed by <AT> cs.virginia.edu

Holroyd's Office Hours:  12 - 2pm, Wednesdays in Olsson Hall 233, and by appointment

Class Attendance: Class attendance is mandatory.

Participation: This course will be conducted in a seminar mode when possible.  I will try to encourage discussion by the class on selected topics. Please contribute to class discussions.  We will read a variety of papers, articles, and web site materials, as well as from the text. Some members of the class will be asked to formally present the content of a paper or their distilled understanding of a topic to the class and then to lead a discussion on the topic. Students will form teams and complete a group project during the semester. Constructive participation with your group on the project is an important aspect of the course. Some students will present the result of group projects to the class.

Class Web Page: http://www.cs.virginia.edu/~jones/cs451/

Course Abstract: It is a challenge to assure security in information systems – networked, embedded, and plain vanilla computation systems.  We will study security from multiple perspectives.  We will consider a variety of security policies, for example, authentication before access, integrity of information, and confidentiality of information.  The course will focus on the models, the tools, and the techniques for enforcement of security policies, with some emphasis on the use of cryptography.  And because today’s implementation approaches are typically flawed, we will also address the penetration and disruption of information systems in the context of operating systems and networks.  We will discus national regulatory policy in the cyber-security area.

Topics include: operating system protection mechanisms, intrusion detection systems, formal models of security, cryptography, network and distributed system security, denial of service (and other) attack strategies, worms, viruses, transfer of funds/value across networks, electronic voting, secure applications, homeland cyber-security policy, and government regulation of information technology.

Course Objectives: 

Prerequisites:  Completion of CS340 (Advanced Software Development Methods) and either CS 414 (Operating Systems) or CS 457 (Networks), each with a C- or better.

Course Project: After the course commences each student will be asked to join a group that will research a specific issue during the semester.

Texts and reading: The text is Cryptography and Network Security (4th Edition) by William Stallings.  In addition readings will also include technical articles, policy articles and general news article as well as Web sites that specialize in security.  Most articles will be available electronically.

Grading and Evaluation: Grades will be computed as follows:

Help and Pledge Policy: Examinations and homework will be conducted under the Honor code. Assignments are to be individual work unless explicitly stated to be part of a group project.  Individual work should be just that.  Be sure to cite the source of ideas and properly quote excerpted material.  Make scrupulously clear what your intellectual and presentational contribution is.  For course projects, students may work closely with other project members.

Course Calendar : Click Here

Course Project : Click Here
 

(last modified August, 2006)


Return to home page.