COMP 5407W: Authentication and Software Security (Jan-Apr.2015)
Preliminary course outline subject to change; last updated on Jan. 4 2015
Classroom:      ME3356 (Mackenzie Bldg)  
Class Times:    Tue. and Thu. 13:00-14:30  
Course Website: http://people.scs.carleton.ca/~paulv/5407jan2015.html 
Instructor:     P. van Oorschot 
TA:             none
Prerequisites. COMP 4108 (computer systems security) + COMP 3000 (operating systems), or equivalents. Otherwise requires instructor permission.

Calendar Course Description. Specialized topics in security including those selected from: advanced authentication techniques, user interface aspects, electronic and digital signatures, security infrastructures and protocols, software vulnerabilities affecting security, untrusted software and hosts, protecting software and digital content.

Topics planned for January 2015 course, time-permitting:

Password-based authentication and protocols
Password strength metrics, policies and attack defenses 
Comparing alternative user authentication mechanisms
Certificate-based authentication, SSL infrastructure, trust model
Browser security, same-origin policy, drive-by downloads
Software vulnerabilities
Advanced malware, computer worms, rootkits, DNS-based exploits
Trusted computing base and mandatory access control
Smartphone software security
Course Objectives. To gain a better understanding and appreciation of security issues related so authentication and software security in the computing environment used today. The emphasis is on issues related to the security of today's Internet ecosystem.

Textbook, Library Reserves, Lab Software. None. Course material is based on research papers and other online resources, plus class notes. See instructor's course website for further information. Students may use their own computing resources, or standard university resources, for completing the course projects and accessing online materials.

Evaluation:
Component   Weight  Due Date (2015)  
Project1     30     Feb.10 (due at start of class)
Midterm      30     Mar.3 (in class).  No final exam.
Project2     40     March project-related presentation - 10 
                    March class participation - 5
                    Apr.7 Project 2 written report - 25 (due at start of class)

Project and midterm exam dates are firm. Projects are individual, not group based. Discussion of project work with others is acceptable but students are expected to do the work themselves. See instructor's course website for further information.

University Policies

Student Academic Integrity Policy. Every student should be familiar with the Carleton University student academic integrity policy. A student found in violation of academic integrity standards may be awarded penalties which range from a reprimand to receiving a grade of F in the course or even being expelled from the program or University. Some examples of offences are: plagiarism and unauthorized co-operation or collaboration. Information on this policy may be found in the Undergraduate Calendar.

Plagiarism. As defined by Senate, "plagiarism is presenting, whether intentional or not, the ideas, expression of ideas or work of others as one's own". Such reported offences will be reviewed by the office of the Dean of Science.

Unauthorized Co-operation or Collaboration. Senate policy states that "to ensure fairness and equity in assessment of term work, students shall not co-operate or collaborate in the completion of an academic assignment, in whole or in part, when the instructor has indicated that the assignment is to be completed on an individual basis". Please refer to the course outline statement or the instructor concerning this issue.

Academic Accommodations for Students with Disabilities. The Paul Menton Centre for Students with Disabilities (PMC) provides services to students with Learning Disabilities (LD), psychiatric/mental health disabilities, Attention Deficit Hyperactivity Disorder (ADHD), Autism Spectrum Disorders (ASD), chronic medical conditions, and impairments in mobility, hearing, and vision. If you have a disability requiring academic accommodations in this course, please contact PMC at 613-520-6608 or pmc@carleton.ca for a formal evaluation. If you are already registered with the PMC, contact your PMC coordinator to send me your Letter of Accommodation at the beginning of the term, and no later than two weeks before the first in-class scheduled test or exam requiring accommodation (if applicable). After requesting accommodation from PMC, meet with the course instructor to ensure accommodation arrangements are made. Please consult the PMC website for the deadline to request accommodations for the formally-scheduled exam (if applicable) at http://www2.carleton.ca/pmc/new-and-current-students/dates-and-deadlines

Religious Obligation. Write to the instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details visit the Equity Services website: http://www2.carleton.ca/equity/

Pregnancy Obligation. Write to the instructor with any requests for academic accommodation during the first two weeks of class, or as soon as possible after the need for accommodation is known to exist. For more details visit the Equity Services website: http://www2.carleton.ca/equity/

Medical Certificate. The following is a link to the official medical certificate accepted by Carleton University for the deferral of final examinations or assignments. To access the form, please go to http://www.carleton.ca/registrar/forms