Site Map | College of Engineering | UC Davis | MyUCDavis

• HOME
• DEPARTMENT
• PEOPLE
• UNDERGRADUATE
• GRADUATE
• COURSES
• RESEARCH
• INDUSTRIAL AFFILIATES

ECS 153 COMPUTER SECURITY (4) II, III

Lecture: 3 hours

Discussion: 1 hour

Prerequisite: Courses ECS 150, ECS 152A

Grading: Letter; homework (30%), term project (30%), midterm (20%), final (20%)

Catalog Description:
Principles, mechanisms and implementation of computer security and data protection. Policy, encryption and authentication, access control and integrity models and mechanisms; network security; secure systems; programming and vulnerabilities analysis. Study of an existing operating system. No credit for students who have completed course 155.

Expanded Course Description:

1. What is computer security: notion of an informal policy, formalization of policy
2. Encryption: classical, public-key; implementation, problems; the UNIX file encryption mechanism and its cryptanalysis; the DES and RSA
3. Authentication: model of authentication systems, traditional passwords, challenge/response, one-time passwords; cryptographic protocols, simple cryptosystems; the standard UNIX authentication system, its limits and alternate forms; implementations of other mechanisms
4. Access control: controlling access to resources, access matrix model, undecidability result, access control lists and capability lists; mandatory controls, originator controls; variants; UNIX scheme and augmentations
5. Integrity: cryptographic checksums, malicious logic, viruses, Trojan horses; defenses, prevention; UNIX integrity checking tools and how they work; malicious logic and UNIX
6. Security-oriented programming: design principles, focusing on common problems; gates vs. privileged servers; environment, exception handling; writing secure servers and secure setuid/setgid programs in the UNIX environment
7. Networks and security: Internet Security Architecture, analysis of Internet protocols, design and implementation considerations; firewalls; UNIX networking and security
8. Penetration analysis: common types of flaws, examples, flaw hypothesis methodology, analysis of programs and systems; UNIX instances of problems, flaws, and how to fix them
9. Secure systems: types, models, design, changes to non-secure systems; comparative analysis

Textbook:
M. Bishop, Computer Security: Art and Science, Addison-Wesley Professional, 2002.

Computer Usage:
Students program their programming assignments and project using C and UNIX programs. Programs are developed on workstations running UNIX operating systems. Student use editors such as vi and emacs, and are exposed to debuggers and other standard UNIX tools.

Laboratory Projects:
The project deals with building a tool to analyze and/or improve the security of a computer or installation running the UNIX operating system, or using the Internet. The student will select the goal (the purpose of the software to be developed), determine how to measure success or failure, design the software, implement it under the UNIX operating system, and then analyze its effectiveness to see if the goal of the project was met.

Engineering Design Statement:
The principal project consists of the design and implementation of a tool to enhance the security of a computer system (or systems). The students develop their own goals, and (within guidelines given by the instructor) develop functional specifications. They then design, implement, document, and test (both experimentally and analytically) their software. Grading is based on all phases, including the selection of an attainable goal, the development of functional specifications, the design and implementation of the software, and its evaluation. Examination questions will require mastery of the techniques and principles used in all phases of the project.

ABET Category Content:

Engineering Science: 2 units
Engineering Design: 2 units

Goals:
Students will:

• learn the principles, mechanisms and implementation of computer security and data protection
• learn how attacks work, how to defend against them, and how to design systems to withstand such attacks
• An understanding of professional and ethical responsibility
• An ability to communicate effectively
• The broad education necessary to understand the impact of engineering solutions in a global, economic, environmental, and societal context
• A recognition of the need for, and an ability to engage in life-long learning
• A knowledge of contemporary issues
• An ability to use the techniques, skills, and modern engineering tools necessary for engineering practice

Student Outcomes:

• An ability to apply knowledge of mathematics, science, and engineering
• An ability to identify, formulate, and solve engineering problems

Instructor: M. Bishop, H. Chen

Prepared By: M. Bishop (February 2005)

Overlap Statement:
The content of this course overlaps some with course 155 (Computer Security for Non-Majors). This course is designed for majors and is more theoretical than 155 and has more technical depth.

5/06

Back to Course Descriptions

2063 Kemper Hall, 1 Shields Avenue, Davis CA 95616 | Phone 530-752-7004 | FAX 530-752-4767

Questions or comments?
Email webmaster@cs.ucdavis.edu
Page Updated: 5/06
Copyright © UC Regents, Davis Campus. All Rights Reserved.