Data and Applications Security (CS 6348) 
 
     Time and Location :  F 10am-12:45pm@ECSS 2.306

     
       Instructor                            :   Murat Kantarcioglu
       Office Hours & Location Friday: 3pm-4:30pm@ MS Teams 
 
       Teaching Assistant             :   Mestan Firat Celiktug (mxc200007) 
       Office Hours & Location  :   Monday: 11am to noon, Friday: 2pm to 3pm. 
                                                                @ MS Teams         


  Prerequisites                   :   CS 5343
                       

Grading:

       

  •   Homework   % 12 (4 homework, each worth 3%)
  •   Project          % 30 (Group project (3-4 students per group) that requires programming)
  •   Midterm       % 28
  •   Final             % 30 (All topics covered included)

 

 
   Course Topics: (tentative)

     The course will teach principles, technologies, tools and trends for data 
    and applications security. Please see below for details.

         
           Textbook:    
       

       None.

 Course Outline:

01.21.22
  • Overview of the Data Security and Privacy
  • Design principles for Security
  • Access control basics
  • Reading:  Fred B. Schneider’s book chapter  (pdf)

01.28.22
  • Access Control Foundations
  • Reading: Fred B. Schneider’s book chapter (pdf)
  • Reading:  HRU paper (pdf)
  • Reading:  NIST Attribute Access Control Model (Till Section 3) (pdf)

02.04.22
  • Access control models

02.11.22
  •  Integrity/Hybrid Models

02.18.22
  • Basic Cryptography Overview
  • Authentication
  • Reading:  Fred B. Schneider’s book chapter (pdf)
  • Homework 1 is available on elearning.
  • Project Description is available on elearning

02.25.22
  • Database Security
  • Encrypted Data storage in Databases
  • Reading:  Please read the following overview paper (pdf)
  • Reading:  Intel Sgx Overview (link)  
  • Reading:  Please read the following tutorial from Microsoft Research (pdf)

03.04.22
  • Database Security Cont.

03.11.22
  • SQL and Code injection attacks
  • Reading: Please see the tutorial from Oracle.
  • Homework 2 is available on elearning.

03.18.22
  • Spring Break !!!

03.25.22
  • MIDTERM

04.01.22

04.08.22
  • Access control in distributed systems
  • Reading:  Please read the following overview paper
  • Homework 3 is available on elearning.

04.15.22
  • Introduction to Data Privacy
  • Reading: K-annonymity (pdf), l-diversity (pdf), differential-privacy (pdf),
  • privacy-preserving distributed data mining (pdf)

04.22.22
  • Introduction to Data Privacy cont.
  • Homework 4 is available on elearning

04.29.22
  • Introduction to Data Privacy cont.
04.30.22
  • Extra Class for Potentially Canceled Class.
  • Location and Time: TBD
  • Topic: TBD


TBD
Final  Exam
  • Final EXAM !!! TBD