Van Oorschot: Courses: COMP 4108

COMP 4108B (Jan 2019): Computer Systems Security

Preliminary course outline, subject to change. Updated: Dec 19, 2018.

Course website (for updates): http://people.scs.carleton.ca/~paulv/4108jan2019.html

Course description (from official calendar): Introduction to information security in computer and communications systems, including network, operating systems, web and software security. Passwords, authentication applications, privacy, data integrity, anonymity, secure email, IP security, security infrastructures, firewalls, viruses, intrusion detection, network attacks. Lectures three hours a week. Prerequisites: one of COMP 3203 (Principles of Computer Networks) or SYSC 4602 (Computer Communications); and one of COMP 3000 (Operating Systems), SYSC 3001 (Operating Systems and Databases), SYSC 4001 (Operating Systems). Otherwise requires written instructor permission.

Instructor: P. Van Oorschot (Office Hrs: TR 11:30-12:30, 5173HP)
TAs: see lab page (below) for TA contact details and hours
Lectures 11:30-1:00pm Mon+Wed 4499ME (MacKenzie bldg, Carleton)
2019 term: Jan.7-Apr.9, excluding Feb.18-22 (winter break).

Textbook: Computer Security and the Internet: Tools and Jewels (2019, Paul C. van Oorschot), provided (not for redistribution) as draft PDF chapters by instructor. Students seeking supplementary resources may consider books listed on this page.

Evaluation:
30%: Test 1 (Wed. Feb.6, in class).
30%: Test 2 (Wed. Mar.20, in class).
40%: Five (5) programming-based lab assignments, 8% each. Lab#1 is individual, #2-5 optionally in groups of 2. Students should regularly check this lab page (click here) for details and due dates; labs typically available two weeks before due date. Preliminary due dates for Labs 1-5 (to be confirmed by TA, see lab page above): Jan.25, Feb.8, Mar.1, Mar.15, Apr.5

Lab access: Lab assignments should be possible by remote access using generic computing equipment. Students may need an OpenStack account if they do not already have one from a previous course; consult the lab page (above) for details. For any course content on password-protected web pages, the lab page will indicate how to get an access password (e.g., via the TA or cuLearn).

Course objectives: to understand fundamental principles of computer security; to become aware of how computer systems are vulnerable to exploitation, and corresponding protection means; to understand practical threats and carry out simple security analysis useful in software and system development; to gain familiarity with basic concepts in operating systems and Internet security.

Attendance and additional information. Course content will be presented in class. Students are expected to attend all classes in order to learn what material they are responsible for.

Topics outline (preliminary). Topics as listed below, from the course text, will be updated on the course site as the term progresses.

Chapter 1: Introduction.

Chapter 2: Cryptographic background.

Chapter 3: User authentication.

Chapter 5: Operating system security and access control.

Chapter 6: Software security.

Chapter 7: Malicious software.

Chapter 8: Managing public key certificates and applications.

Chapter 9: Web and browser security.

Chapter 10: Firewalls and tunnels.

Chapter 11: Intrusion detection and network-based attacks.
Send comments to: paulv (insert @ here) scs.carleton.ca

=== University Policies (start) ===

Requests for Academic Accommodation: You may need special arrangements to meet your academic obligations during the term. For an accommodation request, the processes are as follows:
Pregnancy Obligation: Please contact your instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details, visit the Equity Services website: carleton.ca/equity/wp-content/uploads/Student-Guide-to-Academic-Accommodation.pdf
Religious Obligation: Please contact your instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details, visit the Equity Services website: carleton.ca/equity/wp-content/uploads/Student-Guide-to-Academic-Accommodation.pdf
Academic Accommodations for Students with Disabilities: If you have a documented disability requiring academic accommodations in this course, please contact the Paul Menton Centre for Students with Disabilities (PMC) at 613-520-6608 or pmc@carleton.ca for a formal evaluation or contact your PMC coordinator to send your instructor your Letter of Accommodation at the beginning of the term. You must also contact the PMC no later than two weeks before the first in-class scheduled test or exam requiring accommodation (if applicable). After requesting accommodation from PMC, meet with your instructor as soon as possible to ensure accommodation arrangements are made. carleton.ca/pmc
Survivors of Sexual Violence: As a community, Carleton University is committed to maintaining a positive learning, working and living environment where sexual violence will not be tolerated, and survivors are supported through academic accommodations as per Carleton's Sexual Violence Policy. For more information about the services available at the university and to obtain information about sexual violence and/or support, visit: carleton.ca/sexual-violence-support
Accommodation for Student Activities Carleton University recognizes the substantial benefits, both to the individual student and for the university, that result from a student participating in activities beyond the classroom experience. Reasonable accommodation must be provided to students who compete or perform at the national or international level. Please contact your instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. https://carleton.ca/senate/wp-content/uploads/Accommodation-for-Student-Activities-1.pdf

Additional policies:

Student Academic Integrity Policy. Every student should be familiar with the Carleton University student academic integrity policy. A student found in violation of academic integrity standards may be awarded penalties which range from a reprimand to receiving a grade of F in the course or even being expelled from the program or University. Some examples of offences are: plagiarism and unauthorized co-operation or collaboration. Information on this policy may be found in the Undergraduate Calendar.
Plagiarism. As defined by Senate, "plagiarism is presenting, whether intentional or not, the ideas, expression of ideas or work of others as one's own". Reported offences will be reviewed by the office of the Dean of Science.
Unauthorized Co-operation or Collaboration. Senate policy states that "to ensure fairness and equity in assessment of term work, students shall not co-operate or collaborate in the completion of an academic assignment, in whole or in part, when the instructor has indicated that the assignment is to be completed on an individual basis". Please refer to the course outline statement or the instructor concerning this issue.
Medical Certificate: The official medical certificate (form) accepted by Carleton University for the deferral of final examinations or assignments in undergraduate courses can be accessed from: http://www.carleton.ca/registrar/forms

COMP 4108 addendum:

Beyond any other standard university policies, any student submitting work including uncited portions originating from someone else, is subject to a mark of negative 100% on the entire work item. For example, if an assignment is worth 10%, the 10% is lost plus an additional 10% penalty, making the best possible course mark 80%. Both students may be penalized if the infraction involves copying from another student. Each student must write up submitted work individually unless explicitly allowed otherwise per official instructions (e.g., in group-based assignments).
=== Policies (end) ===