Announcements
- Study guide for Final Exam now available.
- Q&A session confirmation: It will be Wednesday Dec. 7 in SCI 183 from 1pm to 5:30pm. We may have to move to some other location after that, but if necessary, I should be available for a bit longer.
- I still have a number of graded assignments 4 and 5 in my office. Feel free to come in and pick them up anytime I'm there.
"Security requires a particular mindset. Security professionals - at least the good ones - see the
world differently. They can't walk into a store without noticing how they might shoplift. They
can't use a computer without wondering about the security vulnerabilities. They can't vote without
trying to figure out how to vote twice. They just can't help it."
-Bruce Schneier
Class Info
Section 1: MWF 10:30–11:20, Sci Center 183
Professor: Martin Gagné
email: LootAtTheURLForMyUsername{at}swarthmore{dot}edu
Office hours: MW 1:30-3, Thurs 10:30-12, and by appointment
Course Discussion: Piazza (setup complete!)
Welcome to CS91, Computer Security.
This course is an introduction to the concepts and techniques used for secure network communications. W examine how security is defined at the cryptographic level, and how basic cryptographic algorithms can be used to construct secure network protocols. Topics covered may also include access control, vulnerabilities found in past networking protocols and how to answer common questions on computer security.
CS35 is a required prerequisite, CS31 is strongly recommended. Prior knowledge of probability theory, algorithms and network protocols will be useful, but not required. When necessary, I will spend a lecture here and there to bring everyone up to speed.
No Required Textbooks.
Resources:
Goals for the course:
- Learn how to analyze a situation to discover security threats
- Understand how security is defined and proven at the cryptographic level
- Learn the strengths and weaknesses of secured and unsecured network protocols
- Understand common attacks and how to prevent them
- Learn how to answer questions about computer security asked by your drunken uncle at family gatherings
Late Work Policy
To help with cases of minor illnesses, athletic conflicts, or other short-term
time limitations, all students start the course with
three "late assignment days" to be used at your discretion, with no questions asked. To use your extra time, you must email your professor after you have completed the lab and pushed to your repository. You do not need to inform anyone ahead of time. When you use late time, you should still expect to work on the newly-released lab during the following lab section meeting. The professor will always prioritize answering questions related to the current lab assignment.
Your late days will be counted at the granularity of full days and will be tracked on a per-student (NOT per-partnership) basis. That is, if you turn in an assignment five minutes after the deadline, it counts as using one day. For partnered labs, using a late day counts towards the late days for each partner. In the rare cases in which only one partner has unused late days, that partner's late days may be used, barring a consistent pattern of abuse.
You may only use up to 2 late days on any individual assignment.
After you have used up your late days, I reserve the right to refuse any
late work from you (you will receive a zero). Any work I do accept
after this, will incur a significantly large penalty for every day it is late.
Tips for Success
-
Attend class and actively participate in class.
The primary introduction to course material is through class lecture.
Additionally, we often do exercises during class. Showing up is
necessary, but not sufficient to success in the course: ask questions,
participate in class discussions and in class activities, and take notes.
-
Read the material before you come to class.
Don't worry about total comprehension, but at least get a feel for
what we will be covering that week. If you have some understanding of
the material coming into class, it will be easier for you to follow
the lecture and to ask questions during class.
See Tia's tips for reading CS textbooks for guidelines on getting the
most out of assigned readings.
-
Start the lab assignments early.
I realize this one is not always easy to do, but if you can get
in the habit of doing this, you will be much better off.
As the labs get longer and more difficult, starting early will give
you plenty of time to mull over the lab problems even when you
aren't actively writing your solution.
-
Practice, practice, practice.
The only effective way to
learn the material and pass the exams is to consistently
do the labs, and to practice example problems presented in class and
in the book. Forming study groups to go over practice problems and
to review lecture and reading notes is a great way to prepare for exams.
-
Seek help early and often.
Because course material builds
on previous material, it is essential to your success in this class
that you keep up with the course material. There are a lot of sources
of help: ask questions during lecture; ask your classmates (make sure
you have read the "Academic Integrity" section below first); get help
during lab sessions; and come to office hours.
-
Take hand written lecture notes.
In lecture the professor
often draws diagrams on the board, some of which you will need to reproduce.
Taking notes with paper and pen (vs. on the computer) will allow you to
copy these diagrams.
Academic Integrity
The CS Department Integrity Policy Statement:
Academic honesty is required in all your work. Under no circumstances may you hand in work done with (or by) someone else under your own name. Your code should never be shared with anyone; you may not examine or use code belonging to someone else, nor may you let anyone else look at or make a copy of your code. This includes, but is not limited to, obtaining solutions from students who previously took the course or code that can be found online. You may not share solutions after the due date of the assignment.
Discussing ideas and approaches to problems with others on a general level is fine (in fact, we encourage you to discuss general strategies with each other), but you should never read anyone else's code or let anyone else read your code.
All code you submit must be your own with the following permissible exceptions: code distributed in class, code found in the course text book, and code worked on with an assigned partner. In these cases, you should always include detailed comments that indicates on which parts of the assignment you received help, and what your sources were.
Failure to abide by these rules constitutes academic dishonesty and will lead to a hearing of the College Judiciary Committee. According to the Faculty Handbook: "Because plagiarism is considered to be so serious a transgression, it is the opinion of the faculty that for the first offense, failure in the course and, as appropriate, suspension for a semester or deprivation of the degree in that year is suitable; for a second offense, the penalty should normally be expulsion."
The spirit of this policy applies to all course work, including code, homework solutions (e.g., proofs, analysis, written reports), and exams. Please contact me if you have any questions about what is permissible in this course.
For this course, it is fine to help each other with using
utilities and tools (Unix, C++, Sqlite, man, git, make, ...), and with
reading and understanding the assignments.
However, you should avoid discussing the details of your solution with
anyone other than your lab partner, and you should never look at
anyone else's code for a solution to a lab (or to a similar project).
In addition, there are many useful on-line resources of which you
should take advantage. However, make sure that you do not use these
resources in such a way that it violates the spirit of our Academic
Integrity statement. For example, should you post questions to on-line
forums or mailing lists seeking a solution to the specific problem you
are asked to solve. Basically, the solution and code that you submit as your
own should be your own. If you are unclear about what type of
collaboration is okay and what type is not, ask me about your
situation before proceeding.
Academic Accommodations
If you believe that you need accommodations for a disability, please contact
Leslie Hempling in the Office of Student Disability Services, located in
Parrish 130, or e-mail lhempli1 to set up an appointment to discuss your
needs and the process for requesting accommodations. Leslie Hempling is responsible
for reviewing and approving disability-related accommodation requests and, as
appropriate, she will issue students with documented disabilities an Accommodation
Authorization Letter. Since accommodations may require early planning and are not
retroactive, please contact her as soon as possible. For details about the
Student Disabilities Service and the accomodations process, visit the
Disability Services webpage.
To receive an accommodation for a course activity, you must have an Accomodation
Authorization letter from Leslie Hempling and you need to meet with me to work
out the details of your accommodation at least one week prior to the activity.
You are also welcome to contact me privately to discuss your academic needs. However,
all disability-related accommodations must be arranged through Leslie Hempling in
the Office Of Student Disability Services.
Grading
Just a rough idea for now:
| 25% | Labs and assignments |
| 25% | Quizzes |
| 20% | Project (or participation in seminars, not sure yet.) |
| 25% | Final Exam |
| 05% | Class Participation |
Schedule
This is a tentative schedule; it may change as we go.
External Links
Links that are related to the course may be posted here. If you have suggestions for links, let me know.