Data and Applications Security (CS 6348) 
 
   Time and Location :  F 10am-12:45pm@ECSN 2.110
 
     
       Instructor                             :   Murat Kantarcioglu
        Office Hours & Location  :   Friday 9am-10am, 3pm-4pm@ECSS 3.225 
 
       Teaching Assistant           :      T.b.d. 
        Office Hours & Location  :     T.b.d.              


  Prerequisites                   :   CS 5343
                       

Grading:

  •   Homework   %16 (4 homework, each worth 4%)
  •   Project         %24 (Group project (up to 3 people) that requires programming)
  •   Midterm       %25
  •   Final            %35 (All topics covered included)

 

 
   Course Topics: (tentative)

     The course will teach principles, technologies, tools and trends for data 
    and applications security. Please see the course syllabus for details.

         
           Textbook:    
       

   Computer Security: Art and Science by Matt Bishop 
   Publisher: 13th Printing Addison-Wesley Professional 
   (ISBN-10: 0-201-44099-7, ISBN-13: 978-0-201-44099-7)

 Course Outline:

 

01.15.16
  • Overview of Data Security
  • Access control basics
  • Reading: Bishop Chapter 2 & 13
01.22.16
  • Access Control Foundations
  • Reading: Bishop Chapter 3

01.29.16
  • Access control models
  • Reading: Bishop Chapter 4
02.05.16
  • Access control models cont.
  • Reading: Bishop Chapter 5

02.12.16
  • Integrity Models
  • Reading: Bishop Chapter 6
02.19.16
  • Hybrid Models
  • Reading: Bishop Chapter 7
  • Homework 1 is available on elearning.
  • Project Description is available on elearning

02.26.16
  • Basic Cryptography Overview
  • Authentication
  • Reading: Bishop Chapter 9 & 12
03.04.16
  • Database Security
  • Encypted Data storage in Databases
  • Reading:  Please read the following overview paper (pdf)
  • Reading:  Please read the following tutorial from Microsoft Research (pdf)
  • Homework 2 is available on elearning.
03.11.16
  • Access control in distributed systems
  • Reading:  Please read the following overview paper
03.18.16
  • Spring Break !!!
03.25.16
  • Midterm !!!
  • Homework 3 is available on elearning.

04.01.16
  • SQL and Code injection attacks
  • Reading: Please see the tutorial from Oracle.

04.08.16
  • Introduction to Data Privacy
  • Reading: K-annonymity (pdf), l-diversity (pdf), differential-privacy (pdf), privacy-preserving distributed data mining (pdf)
  • Homework 4 is available on elearning.
04.15.16
  • Introduction to Data Privacy cont.
04.22.16
  • Introduction to Data Privacy cont.
04.23.16
  • Policy, legal etchics and compliance
  • Economics of data security and privacy
  • Reading:  T.b.d.
  • Please note that we will have extra class on this day.

04.29.16
  • FINAL exam will be administered during the last class. 
  • To comply with university regulations, I will schedule an additional class on April 23rd.