CS 600.443: Security and Privacy in Computing
The syllabus is a loose outline of the topics we will cover in this class.
Some topics will spill over into other weeks, and some will be shorter. The
syllabus is tentative and subject to change.
Assignments will be done in groups of size 1 to 4. However, the expected level of output of each group
is the same, so if you work alone, you are still required to produce as much as a larger group.
Grades will be determined as follows:
- Assignments 1: 20%
- Assignment 2: 50%
- Final: 30%
Assignments are due at the beginning of class at 2:30 p.m.
on the stated due date. Late assignments will be penalized 5 percentage
points per weekday.
There is no collaboration allowed on exams. You must do only
your own work. There are no textbooks, notes, or computers allowed
during exams. Exams will be based on any material presented in
lecture and any material in the assigned readings.
Firewalls and Internet security (second edition), Addison Wesley, 2003.
By Bill Cheswick, Steve Bellovin, Avi Rubin
Paperback - 384 pages (June, 2001)
Addison-Wesley ISBN: 0-201-63466-X
Course Mailing List
All students must sign up for the class mailing list. Send mail
with "subscribe cs443"
in the message body. Then, to send mail to the class,
send it to cs443 at cs.jhu.edu.
Important announcements will be maid via the mailing list, and students
will be responsible for any information posted to the list.
I will hold my scheduled office hours at 326 NEB after class
on Thursdays, 3:45 a.m. to 5:00 p.m. When needed, I will have hours there on Fridays as well.
My primary office is at 416 Wyman Park, and we can meet there by appointment.
The TA for our class is Matt Green. Here is the TA page.
You can meet with the TA by appointment.
Reading: Chapters 4, 9, 10, 11
Introduction to the course
Lecture topic: Network security, firewalls, IPsec
Discussion of project
Lecture topic: Network security (cont)
Web security, authentication, SSL, Passport, SSH
Reading: Chapters 12, 15, Honeypots,
Lecture topic: Finish up network & web security
IDS, Tunneling and VPNs
Some time at the end of lecture to finish
Assignment #1 out
Lecture topic: Honeypots
Reading: Chapters 5, 6, Gen 2 Honeynet,
Lecture topic: Honeypots/honeynets (cont.)
Lecture topic: Viruses and worms
Reading: NSF voting paper (pdf),
Diebold security analysis,
Caltech MIT report (pdf),
California report (pdf),
California report appendix (pdf),
CACM e-voting paper (pdf)
Lecture topic: Security Issues in Voting
Lecture topic: Voting continued (analysis of Diebold voting system, hack-a-vote), Caltech/MIT study
Assignment #1 in
Assignment #2 out, available here
Reading: WEP paper
Guest lecture: Adam Stubblefield on wireless security
Lecture topic: Alternative authentication technologies
Reading: Appendix A, Chapter 18
Lecture topic: Cryptography
Lecture topic: Crypto (cont.), key mgmt, PKI, escrow
Reading: Chaum's paper on receipt voting
Lecture topic: Crypto continued, Sensus voting system, Chaums receipt scheme
Guest Lecture: Ari Schwartz from Center for Democracy and Technology
Guest lecture by Randy Sabett
Assignment #2 deliverable due
Assignment #2 presentations
Assignment #2 presentations
No class due to Passover holiday
Lecture topic: Basic Privacy
Reading: ACM Chaum paper (pdf),
Crowds paper (pdf),
Umass paper (pdf)
Lecture topic: P3P
Lecture topic: Anonymous routing: Crowds
Reading: Publius paper (pdf)
Lecture topic: Censorship resistance: Publius, Freenet, Tangler
Guest Lecture by Gary McGraw: Exploiting Software
Final assignment in
Final Exam Review
Final exam: May 6, 1:00 PM - 4:00 PM
The content from last year has changed somewhat, but
last year's final as a sample of what my exams look like.
Computer Science Department Academic Integrity Code
The strength of the university depends on academic and personal
integrity. In your studies, you must be honest and truthful. Ethical
violations include cheating on exams, plagiarism, reuse of
assignments, improper use of the Internet and electronic devices,
unauthorized collaboration, alteration of graded assignments, forgery
and falsification, lying, facilitating academic dishonesty, and unfair
Academic honesty is required in all work you submit to be graded.
Except where the instructor specifies group work, you must solve all
homework and programming assignments without the help of others. For
example, you must not look at any other solutions (including program
code) to your homework problems or similar problems. However, you may
discuss assignment specifications with others to be sure you
understand what is required by the assignment.
*If* your instructor permits using fragments of source code from
outside sources, such as your textbook or on-line resources, you must
properly cite the source. Not citing it constitutes plagiarism.
Similarly, your group projects must list everyone who participated.
Falsifying program output or results is prohibited.
Your instructor is free to override parts of this policy for
particular assignments. To protect yourself: (1) Ask the instructor
if you are not sure what is permissible. (2) Seek help from the
instructor or TA, as you are always encouraged to do, rather than from
other students. (3) Cite any questionable sources of help you may
Students who cheat will suffer a serious course grade penalty in addition
to being reported to university officials. You must abide by JHU's Ethics
Code: Report any violations you witness to the instructor. You may consult
the associate dean of students and/or the chairman of the Ethics Board
beforehand. For more information, see the guide on Academic
Ethics for Undergraduates (http://www.advising.jhu.edu/ethics.html)
and the Ethics Board web site (http://ethics.jhu.edu).