Introduction to computer security, including formal models of security; security goals and fundamentals (confidentiality, integrity, availability, etc.); introduction to risk assessment and management; security standards in government and industry (e.g., Common Criteria, Orange Book, etc.); corporate and institutional security policies; evaluation process and levels; computer system protection principles; access controls; cryptography fundamentals; authentication; security operations; software attacks, including malicious code and buffer overflows, social engineering, injection attacks, and related defense tools; network attacks, including denial of service, flooding, sniffing and traffic redirection, with defense tools and strategies; website attacks, including cross-site scripting; IPsec, Virtual Private Networks and Network Address Translation; and ethics. Hands-on experience is part of the class.
Course Learning Outcomes:
1) Students shall be able to explain the various threats to computer systems, and assess the risk levels associated with these threats.
2) Students shall be able to explain and develop various computer security mechanisms.
3) Students shall be able to understand, explain, and develop essential authentication and access control mechanisms.
4) Students shall be able to understand, explain, and develop basic and modern cryptography concepts.
5) Students shall be able to write security policies.
3.000 Credit hours
3.000 Lecture hours
Levels: Undergraduate
Schedule Types: Lecture, Tutorial
Computer Science & Mathematics Department