Return to class page

Topics and Readings

Drinking from the Firehose
Topic Textbook Chapter Required Readings Related Readings
Introduction to Information Assurance
1
Security Controls for Computer Systems
(through part B)

800-100 Information Security Handbook: A Guide for Managers

Information Systems Security - A Comprehensive Model

National Information Systems Security (INFOSEC) Glossary

The Backhoe: A Real Cyberthreat

Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security

Cryptography Overview
7

An Overview of Cryptography
Policy Issues and Risk Assessment
3
Georgetown University Computer Systems Acceptable Use Policy

Practical Threat Analysis and Risk Management

Attack trees

The SANS Security Policy Project

Building an Information Technology Security Awareness and Training Program

Physical and Personnel Security
8,9,18
Employment Background Checks Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks.

Notes on Picking Pin Tumbler Locks.

Identity and Authentication
4,5
Passwords

Password Security: A Case History

Why passwords have never been weaker and crackers have never been stronger


Biometrics

Impact of Artificial "Gummy" Fingers on Fingerprint Systems

RFID

Cloning a Verichip

RFID

RFDump
Secure System Design and Implementation
16
Software Flaws

Smashing the Stack for Fun and Profit

Secure Programming

Secure programmer: Keep an eye on inputs

Secure Programming for Linux and Unix Howto

Protecting sensitive data in memory

Trusted Systems   Reflections on Trusting Trust

DoD 5200.28-STD TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA

 
Malicious Code
23
How to 0wn the Internet in Your Spare Time

Salami Fraud


Offensive Computing


Audit and Integrity
20,21
   
Vulnerability Analysis
# Guideline on Network Security Testing

Trust
26