Clark School Home UMD

ENEE457 Computer Systems Security

Course Description: This course covers the foundations of modern cryptography and the current efforts from both academia and industry in building trustworthy computing. We will focus on the technology advances, industrial standards, and law enforcements that have been or have to be made to establish trust in four key areas to establish the trust in computing: security, privacy, reliability, and business integrity.

Prerequisite(s): ENEE350 or permission of instructor

Corequisite(s): None

Course Objectives:

  • Understand the mathematics foundations of modern cryptography
  • Get familiar with the modern cryptosystems
  • Understand the major topics in system security
  • Ability to analyze the security of a network
  • Learn the basics and industry practice on digital right management
  • Understand the security and trust issues in software
  • Understand the security and trust issues in hardware

Topics Covered:

  • Cryptography basics: ciphers, cryptanalysis, modern cryptosystems (DES, AES, RSA), public key cryptography (encryption/decryption, digital signature, key exchange)
  • System security: intruders, viruses, malicious programs, Trojan horse; intrusion detection, password protection, firewall; case study on UNIX system
  • Network security: authentication (Kerberos and X.509), E-mail security (PGP and S/MIME), IP security, Web security (SSL and SET), access control, endpoint security standards (NAC, TNC)
  • Digital right management: copyright, patent, trade secrets, trademark; legal protection of users, fair use, fared use, P2P system, digital watermarking, DRM software and hardware, privacy on the web, case study
  • Hardware based trust and security: trusted platform module, storage protection, trusted software stack, hardware assisted security systems, trusted IC and hardware
  • Trusted software: hacking, software reliability, writing secure code