In this course, student will systematically study the fundamental principles of computer system security, including authentication, access control, capability, security policies, sandbox, software vulnerabilities, and web security. Most of these principles will be studied within the scope of concrete systems, such as Linux, Solaris, and Windows. The course emphasizes "learning by doing", and requires students to conduct a series of lab exercises. Through these labs, students can enhance their understanding of the principles, and be able apply those principles so solve real problems. After completion of the course, students should be able to possess the following skills:
- be able to explain security principles,
- be able to explain how various security mechanisms work, and correlate these security mechanisms with security principles,
- be able to compare various security mechanisms, and articulate their advantages and limitations,
- be able to apply security principles to solve problems,
- be able to analyze and evaluate software systems for its security properties,
- be able to evaluate risks faced by computer systems,
- be able to explain how various attacks work,
- be able to detect common vulnerabilities in software,
- be able to design and implement basic security mechanisms to protect computer systems,
- be able to describe and generalize various software vulnerabilities,
Professor: Wenliang (Kevin) Du
Office: SciTech Building, Room 4-285
Phone: 443-9180
Email address: wedu@syr.edu
Required: A selected list of reading materails assigned in the class.
Required: Introduction to Computer Security, by Michael T. Goodrich and Roberto Tamassia. Addison Wesley, 2010.
(We will use part of the book for this course, and will use other parts for CIS/CSE 644: Internet Security).Suggested: Secure Programming for Linux and Unix HOWTO -- Creating Secure Software
by David Wheeler. This is a free book and can be downloaded from the author's web site.