ECS 235A: Computer & Information Security

ECS 235A
Computer & Information Security
Effective Term
2016 Fall Quarter
Learning Activities
Lecture - 3.0 hours
Project (Term Project)
Modern topics in computer security, including: protection, access control, operating systems security, network security, applied cryptography, cryptographic protocols, secure programming practices, safe languages, mobile code, malware, privacy and anonymity, and case studies from real-world systems. Not open for credit to students who have taken ECS 235.
ECS 150; ECS 152A recommended.
Credit Limitation
Not open for credit to students who have taken ECS 235.
Enrollment Restrictions
Pass One and Pass Two open to Graduate Students in Computer Science only.

Summary of Course Content
1. Introduction: goals of computer security, threat model, principles.

2. Access control: access control lists, capabilities, confinement.

3. Software security: common software vulnerabilities, static analysis, secure coding practices.

4. Mobile code security: Java security architecture, proof-carrying code.

5. Network security: vulnerabilities in the Internet, firewalls, intrusion detection.

6. Cryptography: symmetric key cryptography, public key cryptography, cryptographic protocols, authentication.

7. Malware: propagation, detection, prevention.

8. Anonymity: anonymous routing, servers, and cash.

9. E-voting.


Each student team is expected to do original research in computer security.

Illustrative Reading
Instructor's notes and research papers

Potential Course Overlap
This is an introductory graduate computer security course, focusing on the application aspect of computer security. This course has little overlap with other courses.

Course Category