CS5430: System Security - Overview and Organization

Course Overview. This course discusses security for computers and networked information systems. We focus on abstractions, principles, and defenses for implementing secure systems.

Course URL:   http://www.cs.cornell.edu/Courses/CS5430/2019SP/

Lecture: Attendance is required. If you must miss a lecture, please make arrangements with another student to find out what you missed.

10:10am -- 11:25am Monday and Wednesday. Gates G01

In addition, class will meet some Fridays 10:10 -- 11:25 for make-up lectures and also to explore additional content. Friday meetings will be announced the preceding Monday.

Instructor:
Professor Fred B. Schneider   (255-9221)   422 Gates Halll

Office hours: Available directly after class and most Mon / Wed afternoons. Also, feel free to drop by any afternoon without an appointment. I will chat with you then or we can work out a time to meet.

email: fbs@cs.cornell.edu   In person discussions are preferred---they are more efficient and more informative. Email works well for questions that require a short answer and don't require much context. Email is a good way to set up an appointment to speak in person with the instructor---include choices for days and times that you are available.

Course Staff:
Laure Thompson, email: ljt82@cornell.edu
Patrick Walsh, email: prw55@cornell.edu
Benjamin Edwards, email: bje43@cornell.edu
Katherine Lin, email: kl639@cornell.edu

TA Office Hours:

Prerequisites. The course is open to any undergraduate or graduate student who has mastered the material in CS4410 (Operating Systems).
Readings:
Readings to complement the lectures are noted in the course outline.

A text having a large intersection with what we will cover this semester and having a broad coverage of computer security at the MEng level is:

So if you want to purchase a single text for this course, it is a reasonable choice.

The following books should also prove useful references on cryptographic protocols. Schneier's book is a classic reference and well worth owning. The Kaufman et al. text is a delightfully written treatment.

Draft chapters for a textbook Schneider is writing as well as written lecture notes from prior offerings of the lectures can be found on-line. The lectures in this course do change from year to year (and the on-line notes don't always get updated in a timely way).

Assignments and Grading. Assignments are deliberately underspecified, open-ended, and motivated by problems that arise in the real world (messy as it is), as is consistent with the MEng, hence professional (and practical) orientation, of this course. You will have to resolve ambiguity, refine problem specifications, make reasonable and defensible assumptions, and be creative. Success in CS5430 (and in life) depends heavily on you figuring out what's important and concentrating on that.

Your final course grade will be computed as follows:

This grade might then be adjusted as follows.

All assignments are due on the date stipulated, so that correct answers can be freely discussed in lecture after the due date. Late submissions will receive a grade deduction of two "1/2 letters". (E.g., A becomes B+; A- becomes B; B+ becomes B-, etc).

Academic integrity violations will be prosecuted aggressively. Do not discuss or collaborate with other students in the class on the assigned homeworks.

Students are expected to be familiar with the University's and the CS Department's various policies on appropriate use of computers.