COMP 4108A (Sept 2020): Computer Systems Security
Preliminary course outline, subject to change.
Updated: Nov 2, 2020.
Course website (for updates):
http://people.scs.carleton.ca/~paulv/4108sep2020.html
Course description
(from
official calendar):
Introduction to information security in computer and communications
systems, including network, operating systems, web and software
security. Passwords, authentication applications, privacy, data
integrity, anonymity, secure email, IP security, security
infrastructures, firewalls, viruses, intrusion detection, network
attacks.
Lectures three hours a week.
Prerequisites:
one of
COMP 3203 (Principles of Computer Networks)
or
SYSC 4602 (Computer Communications);
and one of
COMP 3000 (Operating Systems),
SYSC 3001 (Operating Systems and Databases),
SYSC 4001 (Operating Systems).
Otherwise requires written instructor permission.
Students missing required prerequisites will be removed from the course.
Lectures (online):
8:35-9:55am Mon+Wed. (Online access details will be sent by
cuLearn; students registered
in the course are automatically granted access to this)
Term dates: 2020 Sept.9-Dec.11, excluding Oct.12 (Thanksgiving) and Oct.26-30 (fall break)
TAs: see lab page (below) for TA contact details and hours
Instructor: P. Van Oorschot
Office hours by video: Mon 10-11am, Tues 1:00-2:00pm
Required Textbook:
Computer Security and the Internet:
Tools and Jewels by P.C. van Oorschot (2020, Springer).
Available in hardcopy from bookstores, softcopy via university library,
PDFs for personal use from author's website.
Students seeking supplementary resources may consider books
listed on this page.
Evaluation:
25%: Paper 1, written project (due Fri. Oct.23, 23:59pm).
Knowledge and understanding of course textbook will be required for this project.
Click
here
for detailed instructions.
25%: Paper 2, written project (due Sun. Dec.13, 23:59pm).
Knowledge and understanding of course textbook will be required for this project.
Click
here
for detailed instructions.
50%: Five (5) programming-based lab assignments, 10% each. Labs are individual (not group work).
Students should regularly check this lab
page (click here)
for details and due dates; labs typically available two weeks before due
date.
Due dates for Labs 1-5 (subject to change by TA; see lab page):
Sept. 25, Oct. 9, Nov. 6, Nov. 20, Dec. 4.
Timeliness: late assignments and projects receive a zero (0) grade
by default, unless special permission has been granted in writing, in advance.
You are advised to submit your final work at least one hour in advance
of the official due date/time, in anticipation of electronic glitches,
software or system outages, and connectivity issues.
Lab access:
Lab assignments involve remote access using generic computing equipment.
Students may need an OpenStack account
if they do not already have one from a previous course; consult the lab page (above) for details.
For any course content on password-protected web pages,
the lab page will indicate how to get an access password
(e.g., via the TA or cuLearn).
If you require further assistance regarding access to computing
resources to complete specific aspects of this course,
please contact the TA or Instructor.
Generic SCS computer lab and technical support info can be found at
https://carleton.ca/scs/technical-support/
Course objectives:
to understand fundamental principles of computer security;
to become aware of how computer systems are vulnerable to
exploitation, and corresponding protection means;
to understand practical threats and carry out simple
security analysis useful in software and system development; to gain
both theory and hands-on familiarity with selected concepts in operating systems and Internet security.
Instruction format.
Online classes (video-meet) will be held during the scheduled class hours,
relying on the cuLearn platform
for disseminating access information.
The required textbook will be closely followed.
It was written specifically for this course by the course Instructor.
Students are expected to read textbook chapters in advance,
and be ready to discuss and ask questions during online classes.
Classes will highlight items of primary importance and will
expand on topics of specific interest to students.
The classes are not a substitute for reading the textbook itself,
but rather to complement the essential details available within it.
If you are not physically in Ottawa this term and
in a different time zone, email the Instructor during the
first week of class including your registration student ID
and details of your country/time zone, to discuss suitable accommodation.
Topics outline.
The following topics will be covered, directly from the course text.
-
Chapter 1: Basic concepts and principles.
-
Chapter 2: Cryptographic background.
-
Chapter 3: User authentication.
-
Chapter 4: Authentication protocols and key establishment.
-
Chapter 5: Operating system security and access control.
-
Chapter 6: Software security---exploits and privilege escalation.
-
Chapter 7: Malicious software.
-
Chapter 8: Public key certificate management and use cases.
-
Chapter 9: Web and browser security.
-
Chapter 10: Firewalls and tunnels.
-
Chapter 11: Intrusion detection and network-based attacks.
-
Chapter 12*: Wireless LAN security: 802.11 and Wi-Fi.
*This chapter will be provided via cuLearn to registered students; it is
not yet part of the published book.
=== Additional Information on SCS Courses ===
Undergrad Academic Advisor for SCS:
5302C-HP (room), 520-2600 ext 4364 (phone), undergraduate_advisor@scs.carleton.ca
(email).
This advisor can assist with information about prerequisites
and preclusions, course substitutions/equivalencies, understanding your
academic audit and the remaining requirements for graduation. The
advisor can also refer students to appropriate resources
such as the Science Student Success Centre, Learning Support Services
and Writing Tutorial Services.
Academic Integrity violations within the Faculty of Science.
Students found in violation of the Student Academic Integrity Policy (below)
in Computer Science (COMP) courses
are subject to severe penalties, as detailed at the
Office of the Dean of Science (ODS) page:
https://science.carleton.ca/academic-integrity.
If you are unsure of the expectations regarding academic
integrity (how to use and cite references, how much collaboration with
lab- or class-mates is appropriate), ASK your instructor or the head TA
for your labs. Sharing assignment or quiz specifications or posting them
online (to sites such as Chegg, CourseHero, OneClass) is considered
academic misconduct. You are never permitted to post, share, or upload
course materials without explicit permission from your instructor.
COMP 4108 addendum on integrity violations:
Beyond any other standard university policies, in COMP 4108
any student submitting work including uncited portions originating
from someone else, is subject to a mark of negative 100%
on the entire work item. For example, if a lab assignment
is worth 10%, the 10% is lost plus an additional 10% penalty,
making the best possible course mark 80%.
Both students may be penalized if the infraction involves copying
from another student.
Each student must write up submitted work individually
from their own personal notes,
unless given permission explicitly in writing to do otherwise by the Instructor or head TA.
=== Other University Policies (generic) ===
Requests for Academic Accommodation:
You may need special arrangements to meet your academic obligations
during the term. For an accommodation request, the processes are as
follows.
Pregnancy Obligation:
Please contact your instructor with any requests for academic
accommodation during the first two weeks of class, or as soon as
possible after the need for accommodation is known to exist. For more
details, visit the Equity Services site
here
Religious Obligation:
Please contact your instructor with any requests for academic
accommodation during the first two weeks of class, or as soon as
possible after the need for accommodation is known to exist. For more
details, visit the Equity Services site
here
Academic Accommodations for Students with Disabilities:
If you have a documented disability requiring academic accommodations in
this course, please contact the Paul Menton Centre for Students with
Disabilities (PMC) at 613-520-6608 or pmc@carleton.ca for a formal
evaluation or contact your PMC coordinator to send your instructor your
Letter of Accommodation at the beginning of the term. You must also
contact the PMC no later than two weeks before the first in-class
scheduled test or exam requiring accommodation (if applicable). After
requesting accommodation from PMC, meet with your instructor as soon as
possible to ensure accommodation arrangements are made.
For more details, see the PMC page.
Survivors of Sexual Violence:
As a community, Carleton University is committed to maintaining a
positive learning, working and living environment where sexual violence
will not be tolerated, and survivors are supported through academic
accommodations as per Carleton's Sexual Violence Policy. For more
information about the services available at the university and to obtain
information about sexual violence and/or support, visit
https://carleton.ca/sexual-violence-support
Accommodation for Student Activities
Carleton University recognizes the substantial benefits, both to the
individual student and for the university, that result from a student
participating in activities beyond the classroom experience. Reasonable
accommodation must be provided to students who compete or perform at the
national or international level. Please contact your instructor with any
requests for academic accommodation during the first two weeks of class,
or as soon as possible after the need for accommodation is known to
exist. For more details see
here.
Student Academic Integrity Policy. Every student should be familiar with
Carleton's student academic integrity policy. A student
found in violation of academic integrity standards may be awarded
penalties which range from a reprimand to receiving a grade of F in the
course or even being expelled from the program or University. Examples
of punishable offences include: plagiarism and unauthorized co-operation
or collaboration. Information on this policy may be found at
https://carleton.ca/registrar/academic-integrity/
Plagiarism. As defined by Senate, "plagiarism is presenting, whether
intentional or not, the ideas, expression of ideas or work of others as
one's own". For Computer Science courses,
such reported offences will be reviewed by the
Office of the Dean of Science (ODS).
Unauthorized Co-operation or Collaboration. Senate
policy states that "to ensure fairness and equity in assessment of term
work, students shall not co-operate or collaborate in the completion of
an academic assignment, in whole or in part, when the instructor has
indicated that the assignment is to be completed on an individual
basis". Please refer to the course outline statement or the instructor
concerning this issue.
[end of policies]