ICS 355: Security and Trust I: Resource Protections

Description: Security and trust in computers, networks, and society. Security models. Access and authorization. Availability and Denial-of-Service. Trust processes and network interactions.

Objectives: Students can explain and structure the basic concepts and techniques needed by every security professional.

Program Learning Outcomes

Prerequisites: 241 or (MATH 301 and 371).

Textbook(s): 1. Lecture Notes 2. Dieter Gollman, Computer Security (Wiley 2011, 3rd ed) 3. Ross Anderson, Security Engineering (Wiley 2008, 2nd ed)

Grading: Homework assignments (30%) In-Class assignments (30%) Exams (40%)

Schedule: 1. Assets and attacks. Prevention, detection and deterrence. 2. Physical security, computer security, system security, data security. 3. Perimeter and defense in depth. 4. Trust process. Trust transformation and relocation. Web of trust. 5. Reputation and feedback 6. Access control and authorization 7. Security models and multi-level security 8. Availability and Denial-of-Service 9. Malware and fraud 10. Privacy and anonymity