This course is divided into three major components: overview, detailed concepts, and implementation techniques. The topics to be covered are: general security concerns and concepts from both a technical and management point of view, principles of security, architectures, access control and multi-level security, Trojan horses, covert channels, trap doors, hardware security mechanisms, security models, security kernels, formal specifications and verification, networks and distribution systems and risk analysis.

Course Syllabus

• What is Computer Security

• Why Systems are not Secure

• General Concepts

• Design Techniques

• Principles of a Security Architecture

• Access Control and Multilevel Security

• Trojan Horse and Convert Channels

• Hardware Security Mechanisms

• Security Models

• Security Kernels

• Architectural Consideration

• Formal Specification and Verification

• Networks and Distribution Systems

• Risk Analysis

References

[1] Gasser, M., Building a Secure Computer System, Van Nostrand Reinhold Company Inc., 1988.
[2] Ford, W., Computer Communications Security, PTR Prentice Hall Inc., 1994.
[3] Denning , D.E., Cryptography and Data Security, Reading, Mass.: Addison-Wesley, 1983.
[4] Forcht, K.A., Boyd and Frazer Publishing Company, 1994.