CS 194-1 / CS 161 Class Introduction
Doug Tygar
doug tygar gmail com
cs161.org
August 29, 2005

CS 161/194-1 basic facts
  This is a class about computer security
  4 units
  To take this class you need patience, an open mind, and willingness to work hard
  This is an experimental class; if successful, it will become CS 161

August 29, 2005 / Doug Tygar 2005 / cs161.org

Adding this class
  If you are an upper division declared major and currently on the waiting list, you have a good chance of getting in; work with Michael David Sasson
  If you want to add and aren't in already, get on the waiting list asap

Berkeley: leader in security research
  TRUST (Berkeley leads consortium)
  DETER (Berkeley leads consortium)
  ACCURATE
  NEST
  Crypto research
  Security and HCI
  Security for NSF, DoD, DHS, USPS, DOE, etc.

Instructors
  Umesh Vazirani: vazirani cs, 671 Soda
  David Wagner: daw cs, 629 Soda
  Doug Tygar: tygar cs, 531 Soda and 307B South
  Anthony Joseph: adj cs, 675 Soda

TAs (so far)
  Rusty Sears: sears cs; LeadScope, Microsoft Research; security, knowledge representation, programming languages, AI
  Jeff Kalvass: jmkalvass berkeley; Sandia red teaming, Google Adwords fraud detector, PrivacyLink, NetState
  Ivan Tam: ivan sims; Information architecture, security, HCI, and MMPRGs

Sections
  No section this week
  We are likely to add a fourth section; details coming soon

Grading: academic grade
  Project: 35%
    Two parts; three grace days
  Exams: 40%
    Midterm 1 (tentatively October 5): 10%
    Midterm 2 (tentatively November 9): 10%
    Final: 20%
  Homework: 15%
    5-6 homeworks, lowest score dropped
  Class participation: 10%

Final grade
  Final grade ethics grade academic grade
  Ethics grade will normally be 1
  Ways to get a 0 ethics grade:
    Violate campus computing policy
    Violate privacy of other people without permission
    Tamper with data of other people without permission
    Fail to report a vulnerability or an observation of unethical behavior
  Unethical behavior may be referred for additional disciplinary action

Class participation
  Showing up is the first step
  Asking or answering questions is good, but don't filibuster
  Having your cell phone ring in class is bad
  Taking the cell phone call in class is worse
  Treat students and staff with dignity

Collaborative work
  Projects will be in groups of four; all must be in the same section
  Homeworks are done individually
    You may use the following resources: instructors, TAs, assigned texts, posted notes
    No consulting others
    No Googling for the answer
  Consult with TAs over problem cases
  Always cite references; plagiarism is not permitted

Textbooks
  Security in Computing, 3rd ed., Pfleeger
  Security Engineering, Anderson

Other class resources
  cs161.org: lecture notes, pointers to some readings, and assignments are posted here
  Newsgroup ucb.class.cs161: read daily

Lectures (tentative)
  Aug 29   Overview, intro to computer security
  Aug 31   Adversaries, threat models, security goals
  Sept 2   Access control, authorization
  Sept 5   No class (Labor Day Holiday)
  Sept 7   Network security intro
  Sept 9   Networking background
  Sept 12  Firewalls
  Sept 14  Intrusion detection
  Sept 16  Symmetric key cryptography
  Sept 19  Modular arithmetic background
  Sept 21  Public key encryption
  Sept 23  Message authentication, public key sigs
  Sept 26  Secure channels
  Sept 28  Software security principles
  Sept 30  Software security defensive programming
  Oct 3    Implementation flaws, buffer overruns
  Oct 5    Midterm 1
  Oct 7    Secret sharing
  Oct 10   Cryptographic protocols, zero knowledge
  Oct 12   Zero knowledge protocols
  Oct 14   Authentication protocols
  Oct 17   Random number generation
  Oct 19   Electronic cash protocols
  Oct 21   Electronic commerce systems
  Oct 24   Database security, inference control
  Oct 26   Worms and viruses
  Oct 28   Distributed denial of service
  Oct 31   Web security
  Nov 2    Web services, a case study
  Nov 4    OS security, memory protection
  Nov 7    Multi-level security, mandatory access ctl
  Nov 9    Midterm 2
  Nov 11   No class (Veterans Day Holiday)
  Nov 14   Language-based security
  Nov 16   Sandboxing
  Nov 18   Hardware security, tamper resistance
  Nov 21   Side channel attacks, fault attacks
  Nov 23   No class (Thanksgiving Holiday)
  Nov 25   No class (Thanksgiving Holiday)
  Remaining classes: review, overflow, special topics
  Possible special topics: Security Law, digital rights management, e-voting, quantum cryptography, penetration testing, privacy
  Post your requests

Why is security such a problem?
  Monoculture computing environment
  Web, e-commerce, collaborative applications
  Internet spans national boundaries
  Poor programming practices

Two security nightmares
  The transparent society
  Electronic Pearl Harbor

Electronic Pearl Harbor
  Is this just scare-mongering?
  Slammer worm took down Bank of America's ATM network, Seattle 911 service
  Nachi worm invaded Diebold ATMs
  Real worries about e-voting validity
  Millions of CC's, SS's leaked
  Case study: Attacks over the Taiwan straits

Goals of this class
  Solid foundation in understanding security
  Key information a/b building secure systems
  Introduce range of topics in security
  Interest some of you in further study