CS 590U

Access Control: Theory and Practice

Spring 2006


  • Time: Tuesday and Thursday 3:00pm to 4:15pm
  • Location:  REC 113



List of Course Project Topics

Course Mailing List:

  • CS590U_Spring2006


Grades for the course are based on homework assignments (30%), a mid-term exam (30%), and a project (40%)

  • The assignments may include problems to be solved, ask you to read a paper and answer questions based on the paper, or ask you to write reviews for papers. 
  • There will be an exam covering about the first half of the course.
  • Each student will conduct a course project during the second half of the course. See the project page for a list of project topics.  Students are also welcome to come up with project ideas.  A project will consist of the following activities.  Grade for the project will be 40% of the grade for the course.
    • Pre-proposal
      It should be about half a page to a page, listing two or three projects you find most interesting. Describe why you find them interesting and related backgrounds you have. If you want to propose another project idea, you should do so using the pre-proposal. Describe the objectives and the plan, and give a list of references.

    • Progress report
      The proposal should include survey of the literature. Detailed description of the plan.

    • Final presentation for the project (During the last three lectures of the class)

    • Final report for the project (Due at the end of the class)
General Info:

This course is for graduate students in Computer Sciences and ECE.  Undergraduate students interested in taking the course should contact the instructor.  

Access control is an important technique in ensuring security; it is used in almost all information systems where security is a concern. This course covers the fundamental results in access control. It also presents the state of art of access control theory and techniques both in research literature and in

The goals of this course are the following.  

  • Give students a systematic and in depth understanding of access control theory and techniques.  The focus of this course is not on giving a listing of the various models and techniques developed for access control, but rather on understanding the effectiveness and limitation of these models and techniques.  While examining research results, we ask the following questions: What are the problems this piece of work tries to solve?  To what extent does it solve the problems?  Are these the right problems to solve?  How could this result be used in practice?  What other problems can be asked?  While examining existing systems, we ask similar questions about the access control features in these systems. 

  • Give students (especially beginning graduate students) some exposure to research activities such as literature research, independent thinking and analysis, interacting with the instructor and peer students, and organizing and presenting materials and results.

  • Help interested students develop long term research interests in this area.


  • Information security: minimum one (graduate or undergraduate) course on security/cryptography required, e.g., any of CS355, CS426, CS555, CS526 or equivalent will do. 
  • Theory of computation and algorithms: CS381 or equivalent and CS483 or equivalent. 

    Please contact the instructor if there is any question about prerequisites. 

Relationship with CS 526

  • This course do not require CS 526 as a prerequisite.  As a result, about 10% of the contents in this course overlap with that in CS 526.  Even though several topics in this course may be covered in CS 526, the way they are treated here is quite different here.