CS361: Fall, 2008
Introduction to Computer Security

Unique number: 55700
Class time: MWF 2-3pm; Location: RLM 5.104
Instructor: Dr. Bill Young
Office: TAY 5.140
Office Hours: MWF 10-11am and by appointment
Office Phone: 471-9782; Email: byoung@cs.utexas.edu
TA Information: TBD;
Class website: www.cs.utexas.edu/users/byoung/cs361/syllabus361.html
Class newsgroup:utexas.class.cs361



Important Class Announcements:

Breaking news important to the class will be posted here. Consult this spot often.

CS Pay Scales


Course Description:

CS 361 is an introduction to topics in computer security, one of the "hottest" and most relevant areas of computing today. The student will achieve a firm intuition about what computer security means, both in the abstract and in the context of real systems; be able to recognize potential threats to confidentiality, integrity and availability; be aware of some of the underlying formalisms and technologies that attempt to address these challenges; and be conversant with current security-related issues in the field.

Topics to be covered may include:

  1. Scope of the security problem;
  2. Various views of computer security;
  3. Security policies;
  4. Formalizing security properties;
  5. Elementary information theory;
  6. Elementary cryptography;
  7. Cryptographic protocols;
  8. Authentication;
  9. Risk assessment;
  10. Malicious logic;
  11. System evaluation and certification.
Notice that CS students at UT have the option of completing a number of security-related courses and receiving a government-sanctioned certification in security. See the following link for information: Security certification.

Prerequisites:

You are expected to have taken and passed the following courses (or equivalent) with a grade of at least C: CS310 or CS310H, CS336 or CS336H, and M408D or M408M. If you don't have the prerequisites, be sure to clear it with the CS department.

Recommended text:

Matt Bishop, Introduction to Computer Security, Addison-Wesley.

Class Notes:

All of the class slides are available on-line. I'll try to make them available in advance so you can print them out and take notes on them.

Handouts of all class slides will be made available over the course of the semester via links below. Slides are available in PostScript (PS) or in PDF format. The PostScript files can be viewed with Ghostview or printed on any postscript-compatible printer. The PDF files can be viewed with Acroread.

Slide set 1: What is Security? PS-4up  PDF-4up  PDF

Assignments:

The textbook is recommended only and can be used to give additional information on the topics we cover in class. I may additionally assign readings available on-line. Nothing will be tested that is not on the class notes or handouts.

There will also be several (usually 5 or 6) programming assigments over the course of the semester. These should be done in the Java programming language. Each student may work on programming assignments individually or in collaboration with one other student. Make sure that all submissions clearly identify which students contributed to the project.

Programs will be submitted to your TA. Concerns about your program grades should be addressed first with the TA, and only with Dr. Young if you can't obtain satisfaction there. Information on how to submit your work will be provided shortly.

Programs will be graded on a 10 point scale with 1 point deducted for each day the program is late. The number of days late is purely a function of the timestamp recorded when you submit the assignment. The TA will turn off the turnin program after the due date, but will accept late assignments by email. Please coordinate with the TA regarding late submissions, or if you desire to re-submit an assignment following the due date.

Links to the assignments will appear below. Check this page often and be sure to check that any particular assignment or due date has not been changed.

Readings:

I will post below the sections in your textbook that contain information on the material we are covering in class. These sections may also contain some topics we did not cover. Read selectively to improve your knowledge, but you will not be expected to know material we did not cover in class.
  1. Chapter 1: introductory material

Quizzes:

Short in-class quizzes may be given at any time. These will cover material covered in previous classes. The goal of quizzes is to test your understanding of the material and to give you an idea of the types of questions that will appear on exams. There will be no makeups for quizzes you miss, but any single quiz is only a tiny proportion of your final grade.

Tests:

There will be two major tests during the semester: a midterm and final. Exams are closed-book, closed-notes tests, except that you may bring a single handwritten 3 x 5 index card of notes (both sides). Your best study strategy is to review the class notes and ensure that you understand thoroughly the topics we covered in class.

The midterm exam will be held as near the middle of the semester as possible and well before the drop date for the class. A sample midterm will be made available.

The final exam will be at the time scheduled for a class in this time slot, which is available on the registrar's website early in the semester. Don't make travel plans that conflict with the exam time. If you have a verifiable conflict, I will attempt to arrange for you to take an early exam. The final is comprehensive. A sample final will be made available.

No laptops:

Students are asked not to have their laptops or other electronic devices open during class. Copies of all slides will be provided. Please just listen and absorb the material.

Grading policies:

Class attendance is encouraged and will be checked on a majority of class days. Excessive unexcused absences will result in a reduced grade. If you don't plan to come to class regularly, please don't register for this class. Signing in for another student not present will be considered cheating by both students.

Grades are averaged using the weighting below:

Attendance, Quizzes and Participation 15%
Assignments 25%
Midterm Exam 30%
Final Exam 30%

Course grades are assigned on the scale: A = 90-100; B = 80-90; etc., except that I reserve the right to be more generous than this indicates. That is, I may enlarge the range for any grades.

Class Newsgroup:

The TA will set up a course newsgroup (utexas.class.cs361). To access the newsgroup, students can use Pine or Netscape in the department machines and can access the newsgroup from off campus. Dr. Young typically does not monitor the newsgroup. Information about UT newsgroups can be found at News Group information

Scholastic Dishonesty:

Academic dishonesty will not be tolerated. See www.cs.utexas.edu/users/ear/CodeOfConduct.html for an excellent summary of expectations of a student in a CS class.

All work must be the student's own effort (with the exception of group effort on programs). Work by students in previous semesters is not your own effort. Don't even think about turning in such work as your own, or even using it as a basis for your work. We have very sophisticated tools to find such cheating and we use them routinely. Several students didn't heed this warning in past semesters and paid a heavy price. Also, if you turn in homework done by a student in an earlier semester, I will assume that they collaborated with you and will reserve the right to change retroactively their grade in the class to an F. If they've graduated, this means that their degree could be invalidated. Don't risk your future and your friends' futures. It's far better to get a 0 on an assignment than to cheat.

No deviation from the standards of scholastic honesty or professional integrity will be tolerated. Scholastic dishonesty is a serious violation of UT policy; and will likely result in an automatic F in the course and may result in further penalties imposed by the department or by the university. Don't do it. If you are caught, you will regret it. And if you're not caught, you're still a cheater.