EECE 412, Fall 2012
Introduction to Computer Security

Syllabus

Course Description

EECE 412, "Introduction to Computer Security," is a fourth year undergraduate elective course that introduces students to the subject of computer security from the technical point of view. The purpose of this course is to help students in learning the principles of computer and information security in general and of constructing secure systems in particular.

The students are expected to learn:

Logistics

When*: Tuesday and Thursday, from 9:30 to 10:50; September 6 to November 29, 2012.

Where*: McLeod 254.

Announcements

All announcements for the course are made during sessions and in the appropriate discussion topics of the course's WebCT site. It's expected that all students check discussion topics at least every business day.

* -- subject to change, see the course's entry in the calendar

Grading

Grading will be done according to the following break-down:

Module
Grade %
In-class and online contribution to discussions
5
Quizzes
20
Final examination
20
Term project proposal presentation & write-up (G)*
5
Term project presentation at the mini-conference (G)
5
Term project report (G)
25
Home assignments (both group and individual)
20

________________________________________

* group assignments elements are marked with (G)

In order to pass the course, you have to earn 50% or more of the points of the final examination, irrespectively of your quiz, assignment, or term project results. If you earn 49% or less of the points of the final examination, your final mark for the course will become automatically "F".

Course Staff

Lecturer

Dr. Konstantin Beznosov. Office hours: see course calendar, KAIS 4047.

Teaching Assistant

Ildar Muslukhov, Ph.D. candidate: office hours, see course calendar, KAIS 4037.

Learning Objectives

Core Learning Objectives

On completion of this course, students are expected to be able to:

  1. Articulate the principles of computer and information security,
  2. Describe similarities and differences among various symmetric and public key
    cryptographic techniques,
  3. Explain discretionary owner-based, mandatory lattice-based, and role-based access
    control models,
  4. Describe main types of security policies,
  5. Articulate the principles of security design,
  6. Explain methods of security assurance,
  7. Articulate the defense methods against malicious logic.

 

Entry Requirements

Prerequisites

You should be a graduate student or an undergraduate student in your 4th year in order to take this course. The following courses are formal pre-requisites for EECE 412. Either

  1. CPSC 310 and CPSC 313, or
  2. EECE 310 and EECE 315, or
  3. EECE 310 and CPSC 313, or
  4. EECE 314.

If you have not taken these courses but have good knowledge of computers and software, talk to the course instructor to see if these formal requirements can be waived for you. In theory, you can be a UBC student of any year to qualify for taking this course. However, in the past, 3rd year undergraduate students found this course too difficult.

Modules

In order to pass the course, each student must complete the following modules:

  1. Term Project

    Students will be responsible for a final project. You should work in groups of 3-4 students. There should be no more than one graduate student in each group. Contribution of each student to the term project will be evaluated by the other team members via iPeer.

    The nature and the topic of the project is your choice, although it needs the approval of the teaching staff. For inspiration, you might want to look at the list of potential project topics found at the page of the term project module. Also, projects done by students in the previous years might help you to figure out the best scope and the technical level of your project. We will generally approve interesting topics about network, computer, or software security.

    Your group will need to present the project proposal and submit a two-page written proposal with an initial bibliography (please see the course calendar for exact deadline information). It is highly advisable to get going early; we will gladly accept proposals before the deadline. This assignment gives us a chance to review and approve your project proposal, and to suggest references that you may have overlooked.

    We also encourage you to arrange a short meeting with the course staff to discuss what you want to do for the project. See the course calendar for the deadline for such a meeting.

    One whole day will be devoted to short presentations of each term project. You will to submit a written report on your project.

  2. Home assignments

    The are will be several problem sets posted about one week before the corresponding due dates. Solutions will be posted with corrected homework—hopefully within a week of the submission deadlines.

    There will be both individual and group problem sets. You are to work on group problem sets and term projects in same groups. One problem set will be turned in by each group, and one grade will be given for each assignment. You must work in groups; assignments turned in by individuals or pairs will not be accepted. Be sure that you understand and approve the solutions turned in to each problem. Get your group organized as soon as you can, and email the composition of your group to the teaching staff. Contribution of each student to the group assignments will be evaluated by the other team members via iPeer.

    If you have trouble finding a group, contact the staff. To prevent your group from falling apart, make sure everyone participates and that you all communicate on a regular basis. If you have a problem with a group-mate, talk to him/her first. If you are unable to make a compromise or your group does fall apart, talk to the staff.

    Late Turn in, Marking, and Make-Up Policies:

    1.One assignment with worst mark will NOT be used for calculating the quiz portion of your final mark in the course.
    2. No late assignments are accepted.
    3. No make-up assignments will be given for those who missed them.

  3. Presentation of the term projects (mini-conference)

    Each group will present their term project to the rest of the class during a mini-conference at the end of the course. A tutorial on successful presentations will be held (see the course calendar for the date).

  4. Quizzes

    There will be several quizzes throughout the course. Quizzes will test your knowledge of material from lectures, home assignments, and readings. See the course calendar for the quiz dates.

    Quizzes Marking and Make-Up Policy:

    1.One quiz with worst mark will NOT be used for calculating the quiz portion of your final mark in the course.
    2. No make-up quizzes will be given.

  5. Final examination

    There will be a final closed-book examination.

  6. Sessions

    Sessions will be a mix of lectures, Q&A, discussions, group and individual activities. You are highly encouraged to participate actively since this will improve your understanding and retention of the material, as well as increase your participation grade. Attendance is mandatory but will not be recorded. It is your responsibility to be aware of any announcements made during sessions and to know the material presented and discussed at the sessions.

  7. Participation

    Every student is expected to participate actively in the sessions and/or online discussions carried on between sessions on the discussion group of the course. Part of you final grade is determined by your participation. The following criteria will be used for assessing each student's participation:

    Mark Criteria
    5
    1. Course instructor knows you by name, and
    2. You often (i.e., almost at every session) contribute to the session discussions with insightful and/or original comments/questions, first introducing yourself, and
    3. You are always an active listener and participant in course activities.
    4
    1. You commonly (i.e., at every other session, on average) contribute to the session discussions with insightful and/or original comments/questions, first introducing yourself, and
    2. You are frequently an active listener and participant in course activities.
    3
    1. You some times (i.e., every two weeks, on average) contribute to the session discussions with insightful and/or original comments/questions, and
    2. You are somewhat frequently an active listener and participant in course activities.
    2
    1. You rarely (i.e., once in three weeks, on average) contribute to the session discussions with insightful and/or original comments/questions, and
    2. You are generally an active listener and participant in course activities.
    1
    1. You very rarely (i.e., once a month, on ravage) contribute to the session discussions with insightful and/or original comments/questions, or
    2. You are rarely an active listener and participant in course activities.

     

  8. Reading

    Each student is expected to read all required material for each session. There will be also optional reading for most sessions, which will help you to gain dipper and/or broader understanding of a particular topic.

Academic Integrity

All students are expected to engage in all course activities within the norms of academic integrity. You can find more information about academic integrity and plagiarism at the web page of the UBC's Academic Integrity Resource Centre. A description of disciplinary measures for academic misconduct can be found here.

Textbook

Course Textbook (required)

  1. Mark Stamp, Information Security : Principles and Practice, Second Edition, Wiley-Interscience, 2011.

Optional (highly recommended) Reading

  1. Anderson, Ross. Security Engineering -- A Guide to Building Dependable Distributed Systems. John Wiley & Sons, 2008, Second Edition. See free chapters from this book online.

Other Reading

Please see the page with additional resources for a list of recommended additional reading.