| |
|
Introduction and Basics
- Class Introduction (syllabus, policies, and projects)
- An Overview of Computer Security
Operating Systems Security
- Operating Systems Security Basics
- Authentication, access control, and audit
- Unix Security Basics
Software vulnerabilities
- Buffer overflow, format string bugs, integer overflow, race
conditions, etc.
Access Control
- Unix access control in depth: setuid,chroot, DTE, POSIX
capabilities, securelevel, sandboxing
- Mandatory Access Control
- Bell-LaPadula model, Trusted Operating Systems
- Integrity protection
- Role-Based Access Control
Malware and defenses
- Viruses, worms, rootkits, botnets
- Defense mechanisms
Introduction to Cryptography
- One-time Pad, Stream Ciphers, Block Ciphers, Modes of using block
ciphers.
- Public-key encryption algorithms
- Message Integrity: cryptographic
hash functions, Message Authentication Codes (MAC)
- Digital Signatures
-
Authentication & Key Establishment Protocols
-
How to use cryptography correctly
Network Security
- TCP/IP and DNS security issues
- TLS/SSL
- Firewalls
- Intrusion detection systems
|