Lecture: 3 hours
Discussion: 1 hour

Catalog Description:
Principles, mechanisms, implementation, and sound practices of computer security and data protection. Cryptography. Authentication and access control. Internet security. Malicious software. Common vulnerabilities. Practical security in everyday life. Course not intended for CS or CSE majors.

Prerequisite: Programming skill at the level of course 15

Grading: Letter; homework (50%), midterm (20%), final (30%)

Credit restrictions: Not open for credit to students who have completed course 153 or 155

Summary of course contents

  1. Introduction: security, assurance
  2. World Wide Web: browsers, computer viruses and worms, firewalls, networks
  3. Privacy: data protection, sanitization, encryption, secure email
  4. Society and Computer Security: e-voting, social networking, e-commerce, home computing, mobile computing (phones, smart devices)
  5. Doctors, Lawyers, and Regulations: electronic medical records, forensics, government regulations such as HIPAA and Sarbanes-Oxley
  6. How Do You Know It Works: analyzing systems, vulnerabilities, defenses, secure coding
  7. Cybercrime, cyberwarfare, and cyber-terrorism
  8. Miscellaneous: virtual computing, cloud computing

Goals: Students will: (1) be introduced to the principles, mechanisms and implementation of computer security; (2) learn how to be skeptical of claims and ask questions to better understand them; (3) learn how to defend against threats to security; (4) learn subject areas relating to security; (4) learn about computer security and assurance in daily life.

Illustrative reading
Handouts assembled by the instructor.

Computer Usage:
I. Students program their programming assignments and project using C and UNIX programs.
II. Programs are developed on workstations running UNIX operating systems. Student use editors such as vi and emacs, and are exposed to debuggers and other standard UNIX tools

Engineering Design Statement:
The programs that the students will design, implement, test, and validate relate to the security of a computer system or network. The programs will range from implementations of cryptosystems to programs to check for unsafe system configurations, and will require them to apply the concepts and practices learned in class. Grading will be based on the robustness and application of general security principles as well as how well the program meets the specific goals of the assignment. Examination questions will require mastery of the techniques and principles used in the programs.

ABET Category Content:
Engineering Science: 2 units
Engineering Design: 2 units

Students will:

  • be introduced to the principles, mechanisms and implementation of computer security
  • learn how attacks work
  • learn how to defend against them
  • learn how to design systems to withstand such attacks
  • learn how to use computers and the internet security

Science & Engineering
Scientific Literacy

Overlap: The content of this course overlaps some of the content of course 153, but is intended for non-majors. This course is less theoretical than course 153. The coverage of this course is broader, and goes into less technical depth, than course 153.

Instructors: M. Bishop and S. Peisert

History: 2012.10.17 (M. Bishop, S. Peisert): Renumbered course (formerly ECS 155). Added changes from 2010 revision that had not been entered into ICMS. S. Peisert (July 2010): reduction of prereqs (Math 21C, 30à15) and new summary of course contents.