EECS 4760 - Computer Security Course Syllabus
Credits/Contact Hours
3 credit hours (3 hrs lecture, no lab) / Engineering Topic
Textbook
Computer Security: Principles and Practice, 4th ed., by Stallings & Brown
Pearson Higher Ed, 2018. ISBN-10/13: 0134794109 / 978-0134794105
Course Information
Catalog Description: Foundational concepts in Computer Security: The CIA Triad, Authentication, Access Control, Least Privilege, Complete Mediation, Economy of Mechanism, Reference Monitors, Defensive Programming, Threats and Attacks, Network Security, Introduction to Cryptography, Database Security.
Pre-requisites: EECS 2110 (Computer Architecture and Organization) and EECS 3540 (Operating Systems and Systems Programming)
Required Course for CSE
Specific Goals - Student Learning Objectives (SLOs)
Upon successful completion of this course, the student will:
1. Be able to identify the three pillars of Computer Security and examine potential
threats in terms of them.
2. Understand how Authentication, Access Control, and Cryptography can be used to
thwart potential threats.
3. Understand the underlying principles behind mainstream cryptographic algorithms,
specifically including (but not limited to) DES, AES, and RSA, and be able to code
at least one of these algorithms.
4. Understand how coding of their own applications can create potential vulnerabilities
and how to avoid them.
5. Understand how security measures can be designed into Operating Systems to facilitate
a secure environment.
6. Understand why networked computers have their own particular vulnerabilities and
how to mitigate exposure.
7. Understand how databases present distinct security challenges, and how they can
be compromised.
8. Be familiar with how non-technical issues like privacy, ethics, and legal aspects
of security can affect computing.
Topics
- Overview (includes history and the CIA Triad)
- Cryptographic Tools
- User Authentication
- Access Control
- Database and Data Center Security
- Malicious Software
- Denial of Service (DoS) Attacks
- Intrusion Detection
- Firewalls and Intrusion Prevention Systems
- Buffer Overflow Exploits
- Software Security
- Operating System Security
- Legal and Ethical Aspects of Computer Security