Topics and Readings

Drinking from the Firehose
Topic Textbook Chapter Required Readings Related Readings
Introduction to Information Assurance
1
Security Controls for Computer Systems
(through part B)

800-100 Information Security Handbook: A Guide for Managers

Information Systems Security - A Comprehensive Model

National Information Systems Security (INFOSEC) Glossary

Beware the backhoe

Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security

Cryptography Overview
7

An Overview of Cryptography
Policy Issues and Risk Assessment
3
Georgetown University Computer Systems Acceptable Use Policy

Practical Threat Analysis and Risk Management

Attack trees

The SANS Security Policy Project

Building an Information Technology Security Awareness and Training Program

Physical and Personnel Security
8,9,18
Employment Background Checks

Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks.

Notes on Picking Pin Tumbler Locks.

Identity and Authentication
4,5
Passwords

Password Security: A Case History

Observing Reusable Password Choices

Passwords: The Weakest Link?

Biometrics

Impact of Artificial "Gummy" Fingers on Fingerprint Systems

RFID

Cloning a Verichip

RFID

RFDump
Secure System Design and Implementation
16
Software Flaws

Smashing the Stack for Fun and Profit

Secure Programming

Secure programmer: Keep an eye on inputs

Secure Programming for Linux and Unix Howto

Protecting sensitive data in memory

Trusted Systems

Reflections on Trusting Trust

DoD 5200.28-STD TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA

 
Malicious Code
23
How to 0wn the Internet in Your Spare Time

Salami Fraud


Offensive Computing


Audit and Integrity
20,21
   
Response to Attacks
22,25
Computer Security Incident Handling Guide

Guide to Integrating Forensic Techniques into Incident Response


Vulnerability Analysis
Guideline on Network Security Testing

Trust
26