This is a graduate-level introductory course in information security. It teaches the basic concepts, principles, and fundamental approaches to secure computers and networks. Its main topics include: security basics, security management and risk assessment, software security, operating systems security, database security, cryptography algorithms and protocols, network authentication and secure network applications, malware, network threats and defenses, web security, mobile security, legal and ethical issues, and privacy.
You should have taken an undergraduate-level course on, or be otherwise familiar with, operating systems and networks. Prior programming experience with C or Java is recommended. Knowledge of algebra and discrete mathematics is also recommended.
Computer Security: Principles and Practice, 3/E, by William Stallings and Lawrie Brown.
A recommended supplementary textbook is: Applied Information Security: A Hands-on Approach, by David Basin, Patrick Schaller, and Michael Schlapfer.
Grading will be based on:
Lesson | Preparation/Reading
1 Security Mindset | Chapter 1
2 Software Security | Chapters 10 and 11
3 Operating Systems Security | Chapter 12
4 Authentication | Chapter 3
5 Access Control | Chapter 4
6 Mandatory Access Control | Chapter 13
7 Database Security | Chapter 5
8 Malicious Code | Chapter 6
9 Modern Malware | Chapters 6 and 7
Midterm
10 Firewalls | Chapter 9
11 Intrusion Detection | Chapter 8
12 Introduction to Cryptography | Chapter 2
13 Symmetric Encryption | Chapter 20
14 Public-Key Cryptography | Chapter 21
15 Hashes | Chapter 21
16 Security Protocols | Chapter 23
17 IPSec and TLS | Chapter 22
18 Wireless and Mobile Security | Chapter 24
19 Web Security
20 Security Management and Cyber Risk Assessment | Chapters 14 and 15
21 Law, Ethics, and Privacy | Chapter 19
Final