Syllabus (Winter 2015)
Documents and Lecture Notes
All the documents will be posted on Blackboard Learn.
Schedule
Office hours: Friday, 2:00 - 3:00 pm, SITE 5-110.
Please let me know ahead of time if you wish to meet.
Teaching Assistant: Nafi Kawser Wazed: nkaws055@uottawa.ca
Course Description (from the
calendar)
Security policies. Security mechanisms. Physical security. Security awareness. User authentication. Application security mechanisms. Encryption. External and internal firewalls. Security of operating systems and software. Security of e-commerce applications. Design of security system and components. Devices for security analysis; sniffers, attack detectors. Information warfare. Ethical issues in computer security.
Prerequisite: CEG3185. Also offered as CEG4399.
Books
Course textbook
Suggested Books
Other books
Some other books, among many others...
- William Stallings,
Cryptography and Network Security: Principles and Practices,
Third Edition, Prentice Hall, 2003
- Aviel Rubin and Marcus Ranum, Web
Security Sourcebook, Wiley, 1997
- William Cheswick, Steven Bellovin, and Aviel Rubin,
Firewalls and Internet Security: Repelling the Willy Hacker, Addison-Wesley, 2003
- John Viega and Gary McGraw, Building Secure
Software: How to Avoid Security Problems the Right Way, Addison-Wesley, 2001
- Bruce Schneier, Applied Cryptography:
Protocols, Algorithms, and Source Code in C, Second Edition, Wiley, 1996
- Alfred Menezes, Paul Van Oorschot, and Scott Vanstone,
Handbook of Applied Cryptography, CRC Press, 1997 (online version available
at www.cacr.math.uwaterloo.ca/hac)
- Mark Graff and Kenneth van Wyk, Secure
Coding : Principles and Practices, O’Reilly, 2003
- Michael Howard and David LeBlanc, Writing
Secure Code, second edition, Microsoft Press, 2003
Marking grid
| Assignments and Labs: |
25% |
| Assignment 1: |
5% |
| Assignment 2: |
5% |
| Lab 1: |
5% |
| Lab 2: |
5% |
| Lab 3: |
5% |
|
|
| Mid term: |
25% |
|
| Final: |
50% |
|
Assignments and Exams Schedule
The dates provided might be changed as needed. They are provided as an indication only.
Assignments must be emailed by midnight of the due date to the TA, cc to the prof.
- Assignment 1: January 30
- Assignment 2: March 20
- Lab 1: February 13
- Lab 2: March 6
- Lab 3: April 3
- Mid term: February 26
- Final: see the registrar's site
Course Schedule
The dates provided are an indication only and are bound to change.
| Week |
Topic |
Book Chapters |
| 1 |
Introduction |
1 |
| |
Overview of a Secure System |
|
| 2, 3 |
User Security |
3 |
| |
Passwords, identity, authentication, biometry |
|
| 4 - 6 |
Basic Cryptography and Tools |
2, 20, 21 |
| |
Cryptography, Key exchange, Security Policies |
|
7 |
Access Control |
4 |
| |
Access control matrix, Access control mecanisms |
|
| 8,11-A |
Software Security. |
7-11, 22 |
| |
Malicious software, DOS, Intrusions detection, Firewalls, software security, internet security protocols |
|
| 11-B |
Information Flow |
|
| |
Information Flow, Confinement |
|
| 12-A |
Assurance and Evaluation |
13.7, Part III |
| |
Systems assurance and evaluation, Audits |
|
| 12-B |
Recap |
|
General Rules and Regulations
Late Work
Assignments, labs and exams are due on time. Late work will get zero.
Plagiarism
If plagiarism is detected:
- you will get zero to the work in which plagiarism is detected,
- you might be assigned an F to the course,
- your file will be immediately sent to the administration, who will take whatever measure it deems appropriate.
See some information about plagiarism and academic fraud
here.
About the exams
In a fourth year course, you can't expect that everything that can be asked during exams was actively covered in class. You are assumed to have
read the books and suggested documents.
Academic Regulations
Please read the
Faculty regulations
Important dates and deadlines
Details about
Important dates and deadlines.
