Course Schedule

Week 1 - January 16

  • Telecommunications Industry Today
    • David Clark paper plus Orgass's comments
  • IPv6, David Johnson, Computer Science, Rice University

Week 2 - January 23

  • A classic Internet break-in (Part 1)
  • Cliff Stoll's tracking of a Berkeley break-in
  • Network Structures for Security

Week 3 - January 30

  • A Classic Internet Break-in (Part 2)
  • Vulnerability Survey, Security Policies

Week 4 - February 6

  • Security Landscape
    • Digital Threats
    • Adversaries
    • Security Needs
  • Topics in Linux/Unix System Security

Week 5 - February 13

  • Security Technologies
    • Cryptography
    • Cryptography in Context
    • Computer Security
    • Identification and Authentication
    • Networked Computer Security
  • CERT Analytical Week
    • o Tom Longstaff, Manager of Security Analysis, CERT

Week 6 - February 20

  • System security for a co-location facility
  • Ed DeHart, CEO of aspStation

Week 7 - February 27

  • Kevin Poulsen's Exploits (Part 1)
  • Government System Security
    • Jeffrey Hunker, Dean of the Heinz School

Week 8 - March 6

  • Kevin Poulsen's Exploits (Part 2)
  • CERT data Collection Work
    • Brian King, MTS in CERT

Week 9 - March 13

  • Security Technologies 2
    • Network Security
    • Network Defenses
    • Software Reliability
    • Secure Hardware
    • Certificates and Credentials
  • Security for an ISP (tentative)

Week 10 - March 27

  • Security Technologies 3
    • Security "Tricks"
    • The Human Factor
  • System Security for an ISP (tentative)
    • Speaker to be determined

Week 11 - April 10

  • Security Strategies 1
    • Vulnerabilities and the Landscape
    • Threat Modeling and Risk Assessment
    • Security Policies and Countermeasures
    • Attack Trees
  • System Security Measures 1
    • Pluggable Authentication Modules
    • One Time Passwords

Week 12 - April 17

  • Security Strategies 2
    • Product Testing and Verification
    • Future of Products
    • Security Processes
    • Strategy Conclusion
  • System Security Measures 2
    • System Accounting
    • System Logging
    • Superuser Do

Week 13 - April 24

  • System Security Summary
  • System Security Measures 3
    • TCP Wrappers and portmap
    • The Secure Shell (SSH)
    • Log File Management

Week 14 - May 1

  • Secure Distributed File Systems
    • Andrew File System (AFS)
    • CODA, casually connected distributed file system
  • System Security Summary
    • Crack
    • Auditing with tiger
    • Tripwire
    • Packet Filtering with IP chains (lightly)

Week 15 - May 8

  • System Security Measures 4
    • Cryptographic File Systems
    • Implementing and Managing Security
  • Review and Final Questions

 

Last Modified 31 Jan 2002 by cpg