The goal of this course is to explain the principles behind computer security threats and countermeasures seen today or emerging soon. In particular, we will place an emphasis on principles and, where possible, rigor. Developing exploits will not be a focus of the class, though some assignments will involve implementing some attack code. The target audience for this class is computer science students, especially those planning to go on to software architect/developer jobs in industry or to pursue graduate studies. This class may be useful for system administrators, but the course will not focus on specific products or how to configure them.
Through this course, students will accumulate familiarity with the following technologies: access control and authentication in distributed systems; cryptography and cryptographic protocols (mainly key exchange protocols); user authentication; software vulnerabilities and software engineering to reduce vulnerabilities; firewalls and related technologies; technologies to support online privacy; and selected advanced topics.