Spring 2004

Clay Shields


front | classes | research | personal | contact

Information Assurance

Tuesday/Thursday
11:40 - 12:55
Tuesday: ICC 205B
Thursday: Reiss 262

"Trusting every aspect of our lives to a giant computer was the smartest thing we ever did!"
Homer Simpson

Projects

Course Information

Instructor
Clay Shields, contact information here.

Policies
This class, like all my classes, are subject to my course policies. Students are expected to understand these policies. If you have any questions, ask ahead of time.
Teaching Assistant
Name: Louis Licamele
Email: licamell at georgetown.edu
Office Hours:TBD

Grading
Bugtraq Analyses 5%
Homework and assigned projects: 40%
Individual project 10%
Midterm
Date: March 2
20%
Final
Date: May 7, 12:30
25%
Texts
This semester we will be using:
Practical Unix and Internet Security, 3rd Edition, by Garfinkel, Schwartz, and Spafford.
Readings
While I do not expect the material in this class to be difficult, there is quite a bit to cover. Additional readings will be given on particular topics during the semester; most will be available on-line from the Topics and Readings page. Students will also be expected to subscribe to the following two mailing lists for the semester:

Bugtraq:

This is a list that carries discussion of security problems of exisiting systems. It is relatively high volume, so I suggest that you subscribe to the digest version. The easiest way to do this is to send a blank e-mail
message to:

bugtraq-digest-subscribe@securityfocus.com

RISKS Digest:

This is a relatively low-volume mailing lists that carries discussions of the risks of computer error, misuse, and malfunction to humans and society. You may receive this any number of ways, through the web, through the newsgroup comp.risks, or by e-mail.

http://catless.ncl.ac.uk/Risks

Description
This course is intended to introduce students to means of assuring the confidentiality, integrity, and availability of information through mechanisms of technology, policy, and education. Topics will include: access control; authentication; security policies and enforcement; security design principles; malicious logic; vulnerability analysis; intrusion detection and response; audit; risk assessment; personnel and physical security; and legal, ethical, and social issues.

Prerequisites: COSC 173.

Any job obtained with knowledge or experience gained from this class entitles the instructor to 5% of the gross salary or other income (including but not limited to salary, share, proceeds from stock or stock options, or sale of a company, but not in cluding benefits) from that job. Your continuation in this class and receipt of a grade indicates your acceptance.