EECE 412, Fall 2007
Introduction to Computer Security

Syllabus

Course Description

EECE 412, "Introduction to Computer Security," is a fourth year undergraduate elective course that introduces students to the subject of computer security from the technical point of view. The purpose of this course is to help students in learning the principles of computer and information security in general and of constructing secure systems in particular.

The students are expected to learn:

Logistics

When*: Tuesday and Thursday, from 17:30 to 18:50; September 4 to November 30, 2007.

Where*: McLeod 228

Announcements

All announcements for the course are made in the appropriate discussion topics of the course's WebCT site. It's expected that all students check discussion topics at least every business day.

* -- subject to change, see the course's entry in the calendar

Grading

Grading will be done according to the following break-down:

Module
Grade %
In-class and online contribution to discussions
5
Quizzes
20
Final examination
20
Term project proposal presentation & write-up (G)*
5
Term project presentation at the mini-conference (G)
5
Term project report (G)
25
Home assignments
20

________________________________________

* group assignments elements are marked with (G)

Course Staff

Lecturer

Dr. Konstantin Beznosov. Office hours by appointment.

Teaching Assistant

TBA

Learning Objectives

Core Learning Objectives

On completion of this course, students are expected to be able to:

  1. Articulate the principles of computer and information security,
  2. Describe similarities and differences among various symmetric and public key
    cryptographic techniques,
  3. Explain discretionary owner-based, mandatory lattice-based, and role-based access
    control models,
  4. Describe main types of security policies,
  5. Articulate the principles of security design,
  6. Explain methods of security assurance,
  7. Articulate the defense methods against malicious logic.

 

Entry Requirements

Prerequisites

Even though the following courses are formal pre-requisites for EECE 412, what you have to have is a reasonably good understanding of computer and software systems, which you might have gained through other similar courses or your own prior experience. If you have not taken these courses but have good knowledge of computers and software, talk to the course instructor to see if these formal requirements can be waived for you.

In theory, you can be a UBC student of any year to qualify for taking this course. However, in the past, 3rd year undergraduate students found this course somewhat too difficult.

Modules

In order to pass the course, each student must complete the following modules:

  1. Term Project

    Students will be responsible for a final project. You can work in groups of up to four people.

    The nature and the topic of the project is your choice, although it needs the approval of the teaching staff. For inspiration, you might want to look at the list of potential project topics found at the page of the term project module. Also, projects done by students in the previous years might help you to figure out the best scope and the technical level of your project. We will generally approve interesting topics about network, computer, or software security.

    Your group will need to present the project proposal and submit one or two-page written proposal with an initial bibliography (please see the course calendar for exact deadline information). It is advisable to get going early; we will gladly accept proposals before the deadline. This assignment gives us a chance to review and approve your project proposal, and to suggest references that you may have overlooked.

    We also encourage you to arrange a short meeting with the course staff to discuss what you want to do for the project. See the course calendar for the deadline for such a meeting.

    Several classes at the end of the course will be devoted to short presentations of each term project. You will to submit a written report on your project.

  2. Home assignments

    The are will be several problem sets posted about one week before the corresponding due dates. Solutions will be posted with corrected homework—hopefully within a week of the deadlines.

    There will be both individual and group problem sets. You are to work on group problem sets and term projects in groups. One problem set will be turned in by each group, and one grade will be given for each assignment. You must work in groups; assignments turned in by individuals or pairs will not be accepted. Be sure that you understand and approve the solutions turned in to each problem. Get your group organized as soon as you can, and email the composition of your group to the teaching staff.

    If you have trouble finding a group, contact the staff. To prevent your group from falling apart, make sure everyone participates and that you all communicate on a regular basis. If you have a problem with a groupmate, talk to him/her first. If you are unable to make a compromise or your group does fall apart, talk to the staff.

  3. Presentation of the term projects (mini-conference)

    Each group will present their term project to the rest of the class during a mini-conference at the end of the course. A tutorial on successful presentations will be held (see the course calendar for the date).

  4. Quizzes

    There will be several quizzes throughout the course. Quizzes will test your knowledge of material from lectures, home assignments, and readings.

    Marking and Make-Up Policies:

    1.One quiz with worst mark will NOT be used for calculating the quiz portion of your final mark in the course.
    2. No make-up quizzes will be given.

  5. Final examination

    There will be a final closed-book examination.

  6. Sessions

    Sessions will be a mix of lectures, Q&A, discussions, group and individual activities. Although attendance is not mandatory and will not be recorded, you are highly encouraged to participate actively since this will improve your understanding and retention of the material, as well as increase your participation grade.

  7. Participation

    Every student is expected to participate actively in the sessions and/or online discussions carried on between sessions on the discussion group of the course. Part of you final grade is determined by your participation. The following criteria will be used for assessing each student's participation:

    Mark Criteria
    5
    1. You are always prepared for class as evidenced by the substance of your whole-class and small-group comments, which you regularly make, and
    2. Your comments elevate the discussion level by expanding on current ideas, introducing new ideas, or asking insightful questions, and
    3. You are always an active listener and participant in course activities, and
    4. You always actively contribute to the online discussions and offer your answers to the questions other students post, and
    5. You never talk for the sake of talking, make rude or inappropriate comments, or serve as a distraction for other students.
    4
    1. You are frequently prepared for class as evidenced by the substance of your whole-class and small-group comments, which you regularly make, and
    2. Most of your comments elevate the discussion level by expanding on current ideas, introducing new ideas, or asking insightful questions, and
    3. You are frequently an active listener and participant in course activities, and
    4. You frequently contribute to the online discussions and offer your answers to the questions other students post, and
    5. You never talk for the sake of talking, make rude or inappropriate comments, or serve as a distraction for other students.
    3
    1. You are somewhat frequently prepared for class as evidenced by the substance of your whole-class and small-group comments, which you somewhat regularly make, and
    2. Some of your comments elevate the discussion level by expanding on current ideas, introducing new ideas, or asking insightful questions, and
    3. You are somewhat frequently an active listener and participant in course activities, and
    4. You somewhat frequently contribute to the online discussions and offer your answers to the questions other students post, and
    5. You generally don't talk for the sake of talking, make rude or inappropriate comments, or serve as a distraction for other students.
    2
    1. You are some times prepared for class as evidenced by the substance of your whole-class and small-group comments, which you somewhat regularly make, and
    2. Some of your comments elevate the discussion level by expanding on current ideas, introducing new ideas, or asking insightful questions, and
    3. You are generally an active listener and participant in course activities, and
    4. You contribute sometimes to the online discussions and offer your answers to the questions other students post, and
    5. You generally don't talk for the sake of talking, make rude or inappropriate comments, or serve as a distraction for other students.
    1
    1. You are rarely prepared for class as evidenced by the substance of your whole-class and small-group comments, which you somewhat regularly make, or
    2. Few of your comments elevate the discussion level by expanding on current ideas, introducing new ideas, or asking insightful questions, or
    3. You are rarely an active listener and participant in course activities, or
    4. You contribute rarely to the online discussions and offer your answers to the questions other students post, or
    5. You happen to talk for the sake of talking, make rude or inappropriate comments, or serve as a distraction for other students.
    0
    1. You are almost never prepared for class as evidenced by the substance of your whole-class and small-group comments, which you somewhat regularly make, and
    2. Almost none of your comments elevate the discussion level by expanding on current ideas, introducing new ideas, or asking insightful questions, and
    3. You are almost never an active listener and participant in course activities, and
    4. You almost never contribute to the online discussions and offer your answers to the questions other students post, or
    5. You talk for the sake of talking, make rude or inappropriate comments, or serve as a distraction for other students.

     

  8. Reading

    Each student is expected to read all required material for each session. There will be also optional reading for most sessions, which will help you to gain dipper and/or broader understanding of a particular topic.

Textbook

Course Textbook

  1. Mark Stamp, Information Security : Principles and Practice, Wiley-Interscience, 2005.
  2. Anderson, Ross. Security Engineering -- A Guide to Building Dependable Distributed Systems. John Wiley & Sons, 2001. This book is also available online.

Recommended Reading

Please see the page with additional resources for a list of recommended additional reading.