Instructor: Professor Anita Jones, Olsson Hall 223, 982-2224.
Address mail to Professor Jones as "jones" followed by <AT> cs.virginia.edu
Meetings: Monday and Wednesday, 2 - 3:15 pm in MEC 341
Jones' Office Hours: 1 - 3pm, Tuesdays in Olsson 223, and by appointment
Teaching assistant: Mike Holroyd
Address mail to Mike Holroyd as "holroyd" followed by <AT> cs.virginia.edu
Holroyd's Office Hours: 12 - 2pm, Wednesdays in Olsson Hall 233, and by appointment
Class Attendance: Class attendance is mandatory.
Participation: This course will be conducted in a seminar mode when possible. I will try to encourage discussion by the class on selected topics. Please contribute to class discussions. We will read a variety of papers, articles, and web site materials, as well as from the text. Some members of the class will be asked to formally present the content of a paper or their distilled understanding of a topic to the class and then to lead a discussion on the topic. Students will form teams and complete a group project during the semester. Constructive participation with your group on the project is an important aspect of the course. Some students will present the result of group projects to the class.
Class Web Page: http://www.cs.virginia.edu/~jones/cs451/
Course Abstract: It is a challenge to assure security in information systems – networked, embedded, and plain vanilla computation systems. We will study security from multiple perspectives. We will consider a variety of security policies, for example, authentication before access, integrity of information, and confidentiality of information. The course will focus on the models, the tools, and the techniques for enforcement of security policies, with some emphasis on the use of cryptography. And because today’s implementation approaches are typically flawed, we will also address the penetration and disruption of information systems in the context of operating systems and networks. We will discus national regulatory policy in the cyber-security area.
Topics include: operating system protection mechanisms, intrusion detection systems, formal models of security, cryptography, network and distributed system security, denial of service (and other) attack strategies, worms, viruses, transfer of funds/value across networks, electronic voting, secure applications, homeland cyber-security policy, and government regulation of information technology.
Prerequisites: Completion of CS340 (Advanced Software Development Methods) and either CS 414 (Operating Systems) or CS 457 (Networks), each with a C- or better.
Course Project: After the course commences each student will be asked to join a group that will research a specific issue during the semester.
Texts and reading: The text is Cryptography and Network Security (4th Edition) by William Stallings. In addition readings will also include technical articles, policy articles and general news article as well as Web sites that specialize in security. Most articles will be available electronically.
Grading and Evaluation: Grades will be computed as follows:
Course Calendar : Click Here
: Click Here
(last modified August, 2006)
Return to home page.