Data and Applications Security (CS 6348) 
 
   Time and Location :  F 4pm-6:45pm@ECSS 2.201
 
     
       Instructor                             :   Murat Kantarcioglu
        Office Hours & Location  :   Friday 9am-10am, 3pm-4pm@ECSS 3.225 
 
       Teaching Assistant           :     Nidhi Solanki         
        Office Hours & Location  :     Thursday/Friday 1:00 pm - 3:00 pm@CN 1.202 D
              


  Prerequisites                   :   CS 5343
            
                       

Grading:

  •   Homework   %15 (3 homework, each worth 5%)
  •   Project         %25 (Group project (up to 3 people) that requires programming)
  •   Midterm       %25
  •   Final            %35 (All topics covered included)

 

 
   Course Topics: (tentative)

     The course will teach principles, technologies, tools and trends for data 
    and applications security. Please see the course syllabus for details.

         
           Textbook:    
       

   Introduction to Computer Security by Matt Bishop 
   Publisher: 13th Printing Addison-Wesley Professional 
   (ISBN-10: 0-201-44099-7, ISBN-13: 978-0-201-44099-7)

 Course Outline:

 

08.28.15
  • Overview of Information Security
  • Access control basics
  • Reading: Bishop Chapter 2 & 13
09.04.15
  • Access Control Foundations
  • Reading: Bishop Chapter 3

09.11.15
  • Access control models
  • Reading: Bishop Chapter 4
09.18.15
  • Access control models cont.
  • Reading: Bishop Chapter 5

09.25.15
  • Integrity Models
  • Reading: Bishop Chapter 6
10.02.15
  • Hybrid Models
  • Homework One is available on elearning, due 10/16/15 midnight
  • Reading: Bishop Chapter 7

10.09.15
  • Basic Cryptography Overview
  • Authentication
  • Reading: Bishop Chapter 9 & 12
10.16.15
  • Database Security
  • Reading:  Please read the following overview paper (pdf)
  • Homework Two is available on elearning, due 10/30/15 midnight.
  • Project Description is available on elearning
10.23.15
  • Midterm !!!!
10.30.15
  • Access control in distributed systems
  • Reading:  Please read the following overview paper

11.06.15
  • SQL and Code injection attacks
  • Reading: Please see the tutorial from Oracle.

11.13.15
  • Introduction to Data Privacy
  • Reading: K-annonymity, l-diversity, differential-privacy, privacy-preserving distributed data mining
  • Homework Three is available on elearning,  due 11/30/15, noon.
11.20.15
  • Introduction to Data Privacy cont.
11.21.15
  • Extra Class today at ECSS 2.412 starting 4pm !!!
  • Policy, legal etchics and compliance
  • Economics of data security and privacy
  • Reading:  T.b.d.

11.27.15
  • Thanksgiving Holiday

12.04.15
  • FINAL exam will be administered during the last class. 
  • To comply with university regulations, I will schedule an additional class on November 21st.