skip to main content

CS 461 - Computer Security I

Summer 2020

Official Description

Fundamental principles of computer and communications security and information assurance: ethics, privacy, notions of threat, vulnerabilities, and risk in systems, information warfare, malicious software, data secrecy and integrity issues, network security, trusted computing, mandatory and discretionary access controls, certification and accreditation of systems against security standards. Security mechanisms: authentication, auditing, intrusion detection, access control, cryptography, security protocols, key distribution. Course Information: Same as ECE 422. 4 undergraduate hours. 4 graduate hours. Prerequisite: CS 241 or ECE 391.

Text(s)

Computer Security: Principles and Practice, 2nd. Ed., by William Stalling and Lawrence Brown

Learning Goals

Assess and address Security and Privacy (S&P) issues for policy and humans. That is, characterize and classify the threats based on human conformance to policy and evaluate the effectiveness of a range of countermeaures. (1)
Provide S&P risk analysis for basic scenarios based on core principles, specifically the Confidentiality, Integrity, Availability (CIA) requirements. (1)
Apply cryptographic hashes, pseudorandom generators, symmetric, and asymmetric cryptography with appropriate tradeoffs. (1,2,3)
Evaluate options for authentication based on secrets, tokens, and biometrics. (1)
Understand network, application, and systems security. (1,2)
Formulate access control models for basic situations. (1,2)
Write and mitigate malicious code and characterize basic means of its propagation. (1,2,3)
Assess the threat of basic Denial of Service (DoS) attacks. (1)
Provide network securty protections using firewalls and IDSs. (1,2)
Assess threats based on physical layer. (1)
Apply legal and ethical rules for S&P. (4)

Topic List

Human issues in S&P
S&P risk assessment
History of cryptography
Symmetric key encryption
Asymmetric key encryption
Systems security
Database security
Application security
Web application security
Network security
Digital signatures
Cryptology
Authentication
Authorization
Malicious code
Threat Modeling
DoS
Intrusion Detection & Firewalls
Legal and Ethical Isssues in S&P
Trusted Operating systems
Evaluation and Auditing
Physical layer security threats

Required, Elective, or Selected Elective

Selected Elective.

Last updated

3/6/2019by Ryan Matthew Cunningham