CS 62600 - Advanced Topics in Information Security Spring 2015



Description

This course is structured as a combination lecture/seminar course addressing topics involved in really implementing and managing information security. Unlike courses discussing software or architecture of systems, this course is intended to fill in the blanks about important factors involved with securing actual systems. This includes looking at issues of physical security, personnel security and management, legal issues, incident management, social impact, training and awareness, privacy and global issues. The nature of topics and lectures will be determined by availability of guest lecturers, current news events, and class participation.

Catalog description: Advanced topics in information assurance, including selections from the following: penetration testing, formal verification of systems, formal models of information flow and protection, distributed system authentication, protocol design and attack, computer viruses and malware, intrusion and anomaly detection models, multi-level security, active defenses, investigation and forensics, network firewalls, anonymity and identity, e-commerce support, database security models and mechanisms.

Credit

3 class hours, 3 credit hours

Prerequisites

CS 52600 and CS 55500; or equivalent and permission of instructor.

Policies & Standards

All of my courses operate under the same general policies and standards. My students are expected to study and understand these policies. Potential students are encouraged to check these out before signing up for one of my classes.

Details

Class meetings

Monday & Friday 4:30-5:45 in Haas G66

Midterm:

If a midterm is given, it will probably be during the week of February 23.

Final exam:

If a final exam is given, it will be during the week of May 4.
It will be comprehensive. No books or notes. I may assign term papers instead of a final exam.

Instructor

Eugene H. Spafford (Spaf)

Some classes may be taught by other faculty when Spaf is out of town.

Marlene Walls, Spaf's assistant, can help with scheduling, delivery of messages, etc.

For office hours, telephone/email, etc., see Spaf's homepage.

You can call between 8am and 10pm any day if you really need to speak with me: 765-551-7723. Otherwise, please send email.

Special Considerations

In the event of a major campus emergency, course requirements, deadlines and grading percentages are subject to changes that may be necessitated by a revised semester calendar or other circumstances. Information about any such changes in this course will be posted here.

Grades and Grading

The final grade in the class will be based on assignments, a (possible) midterm exam and (possibly) a comprehensive final exam and/or papers. Classroom and discussion participation may be used to adjust final grades. Approximate allocation of points: 15% homework, 30% assignments, 55% tests/final papers.

In-class quizzes may be given without advance notice. Therefore, attendance is strongly advised.

I have adopted the 10 point scale described by Professor Clifton for grading all non-test items:

10 Exceptional work. So good that it makes up for substandard work elsewhere in the course. These will be rare, and for many homeworks/problems a perfect score will correspond to an 8.
8 What I'd expect of a Ph.D. candidate or outstanding MS student. This corresponds to an A grade.
6 Average Master's degree student work, but not what I'd like to see for a Ph.D. candidate. This corresponds to a B grade.
4 Okay for a Master's candidate who does extremely well in other courses. This corresponds to a C grade.
2 Not good enough for a graduate student. But something.
0 Missing work, or so bad that you needn't have bothered.

Week-by-week topics

This is approximate, and will be adjusted based on current events and the availability of guest speakers.

Week | Topic | Notes
1/2 | Class introduction & policies. What is security? Security vs. risk, threats, vulnerabilities. Security "thinking" |
2/3 | Personnel security and subversion. Vetting and awareness. |
3 (cont) | Clearance and background checks. Insiders. Exceptions. Information operations, espionage, counter intelligence |
4 | Physical security, from micro to macro. Basic trust concepts. Supply chain issues. |
5 | Intrusion detection and monitoring concepts, anomaly detection. Forensics and investigation. |
6 | Intellectual property. Copyright, patent, trade secret, trademark. Protections and issues. |
7 | Law enforcement agencies. Evidence and prosecution issues. |
8 | Criminal and civil law. Roles, procedures. CIRT and CERT teams, incident response |
9 | Big data and cloud computing. |
10 | Cyber conflict: war, espionage, hacktivism. Issues of policy. |
11 | Spring Break -- no classes! | Spring Break -- no classes!
12 | Building secure systems. |
13 | Pen testing, red teams, flaw reporting, disclosure | Possibly some student presentations
14 | Standards, certifications, and related issues. | Possibly some student presentations
15 | I will be gone. Class time will be made up in other classes. | Spaf is out of town all week
16 | Privacy: what is it, how to protect it, social context, anonymity | Possibly some student presentations

Readings

Readings will be assigned as the semester progresses. As this is a 600-level graduate class, students should be seeking out readings on their own to augment the material presented in the lectures.

I have a (somewhat outdated) list of recommended readings for my security courses. This will be augmented with other suggestions and recommendations as the semester progresses.

Other Information

Students are encouraged to attend the weekly security seminar or to view the podcasts online.

Students are also encouraged to register for and attend the CERIAS symposium on March 24 & 25 of this year.

Other information, handouts, etc., will be announced in class.