ECS 155 COMPUTER SECURITY FOR NON-MAJORS (4) I

Lecture: 3 hours

Discussion: 1 hour

Prerequisite: Programming skill at the level of course 30; Mathematics 21C

Grading: Letter; homework (50%), midterm (20%), final (30%)

Catalog Description:
Principles, mechanisms, implementation, and sound practices of computer security and data protection. Cryptography. Authentication and access control. Internet security. Malicious software. Common vulnerabilities. Practical security in everyday life. No credit allowed to students who have completed course 153.

Expanded Course Description:

  1. Operating systems background: process management, memory management, file and I/O systems
  2. Computer networks background: OSI reference model, packet switching, routing, TCP, UDP, HTTP. Wireless networks
  3. Design and implementation principles: principles of secure design, robust programming, assurance, and the software engineering life cycle
  4. Cryptography: shared-key and public-key schemes, digital signatures, certificates and PKI
  5. Authentication: traditional passwords, challenge/response
  6. Access control: access matrix model, access control lists and capability lists
  7. Internet security: firewalls, intrusion detection and response, SSL and TLS
  8. Malicious software: malicious logic, viruses, worms, Trojan horses, spyware
  9. Common vulnerabilities: design flaws, software bugs, misuse of cryptography, configuration errors, user mistakes
  10. Sound security practices in everyday life

Textbook:
M. Bishop, Introduction to Computer Security, Addison-Wesley Professional, 2004

Computer Usage:
I. Students complete their programming assignments and project using C and UNIX programs.
II. Programs are developed on workstations running UNIX operating systems. Students use editors such as vi and emacs, and are exposed to debuggers and other standard UNIX tools.

Engineering Design Statement:
The programs that the students will design, implement, test, and validate relate to the security of a computer system or network. The programs will range from implementations of cryptosystems to programs to check for unsafe system configurations, and will require them to apply the concepts and practices learned in class. Grading will be based on the robustness and application of general security principles as well as how well the program meets the specific goals of the assignment. Examination questions will require mastery of the techniques and principles used in the programs.

ABET Category Content:
Engineering Science: 2 units
Engineering Design: 2 units

Goals
Students will:

Instructor: H. Chen, K. Levitt, M. Bishop

Prepared by: H. Chen, K. Levitt, M. Bishop (February 2005)

Overlap Statement:
The content of this course overlaps some of the content of course 153, but is intended for non-majors. This course is less theoretical than course 153. The coverage of this course is broader, and goes into less technical depth, than course 153.

5/06