Proposed Course: CS 658 Computer Security and Privacy

Objectives

This course provides an introduction to security and privacy issues in various aspects of computing, including programs, operating systems, networks, databases, and Internet applications. It examines causes of security and privacy breaches, and gives methods to help prevent them.

Students completing this course should be better able to produce programs that can defend against active attacks, and not just against random bugs.

Intended audience

CS 658 is intended for CS graduate students.

Related courses

Prerequisites: CS 350 or ECE 354

References

Required text: Security in Computing, 4th Edition, Charles P. Pfleeger and Shari Lawrence Pfleeger.

Schedule

Three hours of lectures per week (held with CS 458). Offered in F, W.

Graduate Student Research Paper

Students registered in CS 658 must write a research survey paper on a topic related to computer security or privacy. The topic must be approved in advance by the instructor. In writing the paper, the student must become familiar with the research literature relevant to the topic. The paper should be a summary of past and current work on the topic, as well as an overview of known open problems and potential future directions in the area. The paper should provide a concise summary of work, emphasizing major accomplishments, rather than a detailed accounting of individual pieces of research activity.

Outline

Introduction to Computer Security and Privacy (1.5 hours)

The meaning of computer security; comparing security with privacy; types of threats and attacks; methods of defense

Program Security (6 hours)

Secure programs; nonmalicious program errors; malicious code; controls against program threats

Operating System Security (6 hours)

Methods of protection; access control; user authentication

Network Security (4.5 hours)

Network threats; firewalls; intrusion detection systems

Internet Application Security and Privacy (9 hours)

Basics of cryptography; security and privacy for Internet applications (email, instant messaging, web browsing); privacy-enhancing technologies

Database Security and Privacy (4.5 hours)

Security and privacy requirements; reliability, integrity, and privacy; inference; data mining; k-anonymity

Non-technical Aspects (4.5 hours)

Administration of security systems; policies; physical security; economics of security; legal and ethical issues