CMPS 476 - Advanced Computer Networks and Computer Security
Catalog Description
CMPS 476 Advanced Computer Networks and Computer Security (5)
This is a continuation of CMPS 376 Computer Networks. Topics covered will include system security, basic cryptography and network security. We will begin by investigating issues in system security such as security policies, assurance, vulnerabilities and trusted operating systems. We will then look at how systems interact on a network and at new security issues that a networked environment presents such as worms, bot nets and denial of service attacks. Methods to provide better security at both the system and network level will be discussed, along with how risk analysis, cost-benefit analysis and other concerns impact the choices administrators have in securing their systems. Ethics and legal issues related to security research will also be discussed, in particular, responsible methods for conducting and reporting security research. Labs will provide more hands-on experience with securing systems and particular issues with certain OSes and applications. Prerequisite: CMPS 376
Prerequisites by Topic
TCP/IP Networking
Command-line Networking Tools
Units and Contact Time
5 quarter units. 4 units lecture (200 minutes), 1 unit lab (150 minutes).
Selected elective for CS
Required Textbook
Security Engineering, 2nd edition. Ross Anderson. Wiley, 2008. ISBN: 978-0-470-06852-6.
Recommended Textbook and Other Supplemental Materials
The full first edition of the textbook and selected portions of the second edition are available at the author's website:
Melissa Danforth
Student Learning Outcomes
This course covers the following ACM/IEEE Body of Knowledge student learning outcomes:

CC-NC3: Network security

ABET Outcome Coverage
The course maps to the following performance indicators for Computer Science (CAC/ABET):
(CAC PIe2): Recognize and describe current issues in security.
Investigate primary areas of computer and network security (breadth exposure). Conduct a detailed investigation of a specific topic area through individual research project or survey paper (depth exposure).
(CAC PIf2): Prepare and deliver oral presentations.
Disseminate knowledge gained from the in-depth research project or survey paper to the other students in the course through a culminating presentation at the end of the term.
Lecture Topics and Rough Schedule
Not in Book Ethics of Security Research Week 1
Chapter 5 Cryptography Weeks 1 - 3
Chapters 2 and 3 Passwords and Authentication Protocols Week 4
Chapter 4 Access Control Models Week 5
Chapters 8 - 10 Mandatory Access Control Policies Week 6
Chapter 25 Trusted Operating Systems and Development of Secure Systems Week 7
Chapter 26 System Evaluation and Assurance Week 8
Not in Book Vulnerability Analysis Week 8
Chapter 21 Network Attack and Defense Week 9
Not in Book Student Research Projects and Survey Paper Presentations Week 10
Design Content Description
Not applicable to this course.
Prepared By
Melissa Danforth on 31 March 2014
Approved by CEE/CS Department on [date]
Effective Spring 2014