Electrical Engineering and Computer Science

EECS 4760 - Computer Security Course Syllabus

Credits/Contact Hours
3 credit hours (3 hrs lecture, no lab) / Engineering Topic

Textbook
Computer Security: Principles and Practice, 4th ed, by Stallings & Brown
Pearson Higher Ed, 2018, ISBN-10/13: 0134794109 / 978-0134794105

Course Information

Catalog Description: Foundational concepts in Computer Security: The CIA Triad, Authentication, Access Control, Least Privilege, Complete Mediation, Economy of Mechanism, Reference Monitors, Defensive Programming, Threats and Attacks, Network Security, Introduction to Cryptography, Database Security.

Pre-requisites: EECS 2110 (Computer Architecture and Organization) and EECS 3540 (Operating Systems and Systems Programming)

Required Course for CSE

Specific Goals - Student Learning Objectives (SLOs)
Upon successful completion of this course, the student will:
1. Be able to identify the three pillars of Computer Security and examine potential threats in terms of them.
2. Understand how Authentication, Access Control, and Cryptography can be used to thwart potential threats.
3. Understand the underlying principles behind mainstream cryptographic algorithms, specifically including (but not limited to) DES, AES, and RSA, and be able to code at least one of these algorithms.
4. Understand how coding of their own applications can create potential vulnerabilities and how to avoid them.
5. Understand how security measures can be designed into Operating Systems to facilitate a secure environment.
6. Understand why networked computers have their own particular vulnerabilities and how to mitigate exposure.
7. Understand how databases present distinct security challenges, and how they can be compromised.
8. Be familiar with how non-technical issues like privacy, ethics, and legal aspects of security can affect computing.

Topics

  1. Overview (includes history and the CIA Triad)
  2. Cryptographic Tools
  3. User Authentication
  4. Access Control
  5. Database and Data Center Security
  6. Malicious Software
  7. Denial of Service (DoS) Attacks
  8. Intrusion Detection
  9. Firewalls and Intrusion Prevention Systems
  10. Buffer Overflow Exploits
  11. Software Security
  12. Operating System Security
  13. Legal and Ethical Aspects of Computer Security