CSE 590NS: Computer and Network Security

CSE Home

Up

About Us

Search

Contact Info

Syllabus and Schedule  Homeworks  Mailing List

Time and Place: Mondays 3:00-4:20pm in MGH 287 and Wednesdays 3:00-4:20pm in MUE 153 (status) Instructors: David Wetherall and Radia Perlman (radia.perlman at sun.com -- please include 590NS in the subject line) Office Hours: TBD Textbook (required): Network Security: Private Communication in a Public World, C. Kaufman, R. Perlman and M. Speciner, 2nd edition. Errata is available at http://authors.phptr.com/networksecurity/updates.html. Please mail Radia if you discover more errata. Pre-requisites: This is an initial offering of an introductory, graduate-level, for-credit course. There are no official pre-requisites, though we do assume an undergraduate CS background, make use of basic probability and assume a willingness to explore some of the mathematics. Announcements: You can send anonymous feedback to the instructors Please subscribe to the class mailing list. Overview Security issues are pervasive in the design of computer systems, especially distributed ones such as the Internet, and the many security incidents reported in the press tell us that the state of security is nowhere near as good as is needed. This course will provide a graduate level introduction to computer and network security, covering two kinds of material. First, we will discuss cryptography. Cryptography provides a very powerful set of primitives that can be used to construct various kinds of secure protocols; the vast majority of secure computer systems you encounter will depend on it. Topics include: threats, confidentiality, integrity and authenticity, private key schemes (DES, AES), secure hashes (SHA1), public key schemes (RSA, Diffie-Hellman, digital signatures), authentication, key management (Kerberos, PKI), and examples of protocols in practice (SSL/TLS, IPSEC). The treatment of the cryptographic primitives will emphasize their properties and workings, rather than provide a formal mathematical study. Second, we will discuss systems security from the point-of-view of real-world vulnerabilities. The daily security grind that we experience -- viruses and worms, spam, denial-of-service and spyware -- has little to do with crypto per se. It involves topics such as: programs and bugs (buffer overruns, languages), operating system models (access control, sandboxing), user factors (passwords, policies), economic considerations (risk management and liability), the Internet architecture (DOS flooding attacks, firewalls) and implementation flaws in security schemes (randomness, timing attacks). These are diverse topics, and the treatment here will aim to discuss real vulnerabilities and link them with solution approaches. Evaluation and Grading There are three evaluation and grading components. The first is class participation (20%), including preparation by reading either the textbook and papers as appropriate. The second is homeworks (50%), which will be given and due every one to two weeks. There are tentatively six homeworks. The third component is a final exam (30%).

	Computer Science & Engineering University of Washington Box 352350 Seattle, WA  98195-2350 (206) 543-1695 voice, (206) 543-2969 FAX [comments to webmaster]