Computing and Information Technology Interactive Digital Educational Library


Syllabus Collection >
Syllabus >

Please use this identifier to cite or link to this item:

Title: Computer Security
Authors: Baskin School of Engineering - UC Santa Cruz
Issue Date: 
Publisher: Baskin School of Engineering - UC Santa Cruz
Abstract: Syllabus | Schedule | Announcements | Grades | Feedback | Homework: 1 2 3 4 | Projects CMPS 290X: Computer Security (Spring 2001) Computer Science Department University of California, Santa Cruz Syllabus Time: Tuesday & Thursday 12-1:45 PM Location: Merrill 130 Instructor: Professor Ethan Miller ( Office & hours: 229 BE TA: TA office & hours: Prerequisites: CMPS 111 or equivalent. CMPS 221 recommended Required text: Applied Cryptography (2nd edition), Bruce Schneier Optional text: Cryptography and Network Security (2nd edition), William Stallings Home page: IMPORTANT NOTE: If you want to take this class, please send me email for information about call number and permission code. Course objectives The goal for this course is to provide a broad introduction to computer security including both theoretical and practical aspects. We will cover the following topics during the quarter: * Foundations of cryptography and computer security o Mathematical foundations o Randomness * Symmetric key cryptography * Public key cryptography * Authentication & digital signatures * Cryptographic protocols o Key & data exchange o Voting o Zero-knowledge proofs * Applications (PGP, SSH, SSL, others...) * Quantum cryptography * Computer system security * Malicious code * Intrusion: detection & countermeasures Web pages Most of the information for this class will be distributed via the Internet. The class home page is at the URL listed above, and is the starting point for lots of information about the class including assignments and notes. Access to some of the class web pages may be restricted to users on campus. Access from other domains may be granted on a case-by-case basis - contact the instructor for details. If you want to access the restricted web pages from off-campus, you may log into an account at UCSC and view the pages using lynx (a text-based web browser). Texts The required text (Applied Cryptography) is available at the UCSC bookstore as well as at online booksellers such as and It really is a required text — lectures and notes will complement the material presented there. There will also be papers assigned during the quarter as additional reading. Unless indicated otherwise, the papers are also mandatory reading. Whenever possible, the papers will be made available online as PDF files. Because of copyright issues, papers will only be available online to machines in the domain. The recommended text (Cryptography and Network Security) is a more recent text, and has some good descriptions of various algorithms. However, it doesn't cover as much material as the required text. You may find it useful to look it over, but you don't have to buy it. Assignments Due dates for all assignments will be listed on the class schedule, as well as on the assignment itself. Assignments will be posted on the web, and will be accessible from any domain on the Internet. It is likely that some assignments will be posted before they are officially assigned; however, you should not assume that an assignment on the web is in final form. In other words, assignments are subject to change before the date that they are officially assigned. Homework There will be 4-6 homework assignments, each due a week after they are assigned. The homework will give you a chance to see how well you understand the concepts we've covered in class. They will be graded, and answers will be available on the web. Research project Students in the class must complete a research project in the general area of computer security. Timeliness Assignments are due on the date specified on the schedule. If class will be held on the due date, the assignment is due at the start of class. Late assignments will receive no credit. Graded assignments will be returned as soon as possible, usually within one week. Exams & quizzes Final exam There will be a final exam in the class. It will be an open book exam, and may be a take-home exam. Quizzes This class will involve a lot of reading, including both textbooks and research papers. It is essential that you keep up with the reading material, and read the assigned material before the class in which it is discussed. To ensure that this is the case, there will be 4 unannounced quizzes during the quarter. Each quiz will take a maximum of 15 minutes, and will cover the material from the assigned reading for the class. The questions will be simple (not in-depth), and will be easy to answer for anyone who's done the reading. To ease any fears about these quizzes (they really are to make sure you read the material), I'll post sample questions for the readings for the second class. The quizzes will be graded on a pass/fail basis, and will contribute to your class participation grade. There will be no makeup quizzes — if you miss a quiz, it counts as a fail unless you have a valid excuse for your absence. In order to get an A in the class, you may fail at most one quiz. In order to pass the class, you may fail at most two quizzes. Attendance Class attendance is mandatory. Because this is a graduate class, I expect students to participate actively in class, and that's hard to do if you're not actually there. I won't take attendance at class (except as necessary to make the registrar happy), but there will be unannounced quizzes on the assigned reading material (see above), and you'll need to be in class to take them. Most of the course material, including assignments and lecture notes, will be posted on the class web pages. However, you're responsible for all material covered in class, whether or not it appeared on the Web site. If you miss a class, I suggest you ask either a fellow student or me to fill in any material you may have missed. Grades Your grades will be determined as follows: * Final project: 40% * Final exam: 25% * Homework: 15% * Class participation (including quizzes): 20% You must take the final exam and turn in a final project in order to pass the class. As mentioned above, you may fail at most two quizzes if you want to pass the class, and may fail at most one quiz if you want to get an A. You need not turn in every homework assignment; however, homework is graded, and a missing homework counts as a zero (0). Academic Honesty: Collaboration vs. Cheating This really shouldn't be an issue, but recurring events have it necessary to discuss collaboration vs. cheating as well as the consequences of handing in work not your own. You are encouraged to discuss the course material, concepts, and assignments with other students in the class. However, all homework you turn in must be your work. If you are caught copying or otherwise turning in material that is not solely your work, you will fail the course and a letter will be sent to your department and the School of Engineering. Group projects requiring independent research are an essential part of this graduate class. As a member of a group, you are expected to "pull your weight" — you can't simply let your partner(s) do all the work. Similarly, if you find someone in your group isn't doing his or her part, I expect you to notify me. Your group's work must be all your own; you must cite all of your sources and may not incorporate others' work without attribution. The bottom line is that you are expected to conduct yourself as a person of integrity — you are expected to adhere to the highest standards of academic integrity. This means that plagiarism1 in any form is completely unacceptable. You are a (soon-to-be) computing professional; I encourage you to consult the code of ethics appropriate to your discipline2. Plagiarism will be assumed until disproved on work that is essentially the same as that of others. This includes identically incorrect, off-the-wall, and highly unusual duplicate answers where the probability of a sheer coincidence is extremely unlikely. All parties to this unacceptable collaboration will receive the same treatment. In the case of programs, reordering routines, renaming files, and simply renaming variables does not make two programs different. 1pla-gia-rize vt. to steal and pass of as one's own (the ideas or words of another) to present as one's own an idea or product derived from an existing source - pla-gia-riz-er n. (source: Webster's New World Dictionary). 2The Association for Computing Machinery is, the IEEE is, and the IEEE Computer Society is Last updated 18 Feb 2001 by Ethan Miller (
Appears in Collections:Syllabus

Files in This Item:

File SizeFormat

All items in DSpace are protected by copyright, with all rights reserved.


Valid XHTML 1.0! DSpace Software Copyright © 2002-2006 MIT and Hewlett-Packard - Feedback