Course Syllabus

 

Overview

I plan to talk about a number of issues at a high level and assign homework that dives into some of those issues at a lower level. The homeworks/projects will be more on the order of 1-3 weeks each (i.e., this is not a "project course"). The assignments will be at least partially programming based, but as at least some of them are about attacking rather than defending, the amount of lines of code that will be required (as opposed to thinking) is not extensive.

 

Staff details

Contact

What to do when you have a question:

      1. If it's something that someone somewhere in the class might want to know the answer to, please post to Piazza. 
        • If you send a private message that we feel that the rest of the class might want to know the answer to, we reserve the right to post the question and answer to Piazza.
      2. If it's something that you don't feel is appropriate for Piazza:
        • Use the Canvas messaging system to message both the TAs and I. This way, you: a) will get an answer more quickly; b) won't run afoul of any email filters that give lower priority to random@hotmail.com.

While we will do our best to get back to you promptly, do not expect responses in <24 hours. This is for several reasons: a) while we want to help you, we have a variety of professional and academic job time commitments; b) it gives other students a chance to answer your questions; and c) it gives you a chance to mull over the problems that you encountered and potentially figure it out on your own (makes for a happier brain). This does mean that it is not wise to wait until the last minute before assignments are due. (Although, you can always choose the late turnin option with the penalty.)

Communication guideline: Help us help you. We understand that juggling coursework and life can sometimes be frustrating, which means that sometimes you should stop and read over your message to make sure that it will be maximally useful in helping you out.

 

Instructor

Tamara Denning

Office: MEB 3446

Office Hours: Tuesday 2:00-3:00pm

 

TAs

Zeeshan Hakim and Dhwani Vora

 

Office Hours and Locations: 

Dhwani Vora:

2:30 - 4:30pm on Thursdays (MEB 3423)

Zeeshan Hakim:

12:15 - 1:15 pm on Wednesdays (MEB 3409)

12:00 - 1:30 on Fridays (MEB 3423)

 

Course Details

Class Time: Tuesdays & Thursdays 12:25-1:45PM

Location: WEB L102

Prerequisite: CS 3810 and CS 3505

In this course we cover the basics of computer security and privacy. Topics are subject to change, but include things like beginning symmetric and asymmetric cryptography, threat modeling, authentication, injection attacks, access control, and usability. Students must be comfortable working with or picking up basic networking, scripting languages, SQL, etc.

Textbook: There is no required textbook. There will be (free) readings posted online.

 

Policies

Late Policy

Please pay careful attention to the due dates of the assignments. For most assignments (not quizzes or exams), if you hand in the assignment late, we will take off 10% for each day it is late. When computing the number of days late, we will round up; so an assignment turned in 25 hours late will be downgraded 20%. The deduction is on the total possible points for the assignment, not based on how you score.

 

Academic Misconduct

First things first: there is nothing wrong with looking up information online. When you are working on independent projects, or later in your job, you will be looking up things that you don't know. (In many cases, the course readings link to a Wikipedia article or similar.) The important distinction here is between understanding and a simple copy-paste (or a copy-paste with "mutate it until it works"). So, it's perfectly acceptable to look up, for example, protocol details online for TLS. It's not acceptable to specifically try to find solutions to the homeworks. See Mini-Netflix-Binge rule, below. When in doubt, feel free to ask. In general, we will try to indicate in assignment handouts whether/how much outside searching is expected.

 

Cheating vs. Collaboration

Collaboration is a very good thing. On the other hand, cheating is considered a very serious offense. Please don't do it! Concern about cheating creates an unpleasant environment for everyone. If you cheat, you risk losing your position as a student in the department and the college. The department's policy on cheating is to report any cases to the college cheating committee. What follows afterwards is not fun for anyone.

So how do you draw the line between collaboration and cheating? Here's a reasonable set of ground rules. Failure to understand and follow these rules will constitute cheating, and will be dealt with as per university guidelines.

 

The Mini-Netflix-Binge Rule

This rule says that you are free to meet with fellow student(s) and discuss assignments with them. Writing on a board or shared piece of paper is acceptable during the meeting; however, you should not take any written (electronic or otherwise) record about the assignment away from the meeting. This applies when the assignment is supposed to be an individual effort or whenever two teams discuss common problems they are each encountering (inter-group collaboration). After the meeting, engage in (at least) a half hour of mind-numbing activity before starting to work on the assignment. This will assure that you are able to reconstruct what you learned from the meeting, by yourself, using your own brain.

 

The Freedom of Information Rule

To assure that all interactions are on the level, you must always write the name(s) of who you talk with about your assignments (aside from course staff) on your assignment. These names should be listed in a prominent location at the top of the first page of your assignment.

 

Incomplete

University Policy states that an Incomplete grade may only be given when there has been a circumstance “beyond the student’s control,” (e.g., a death in the family, a serious accident, or a serious illness) and the student has completed 80% of the course requirements.

 

Academic Accommodations

The University of Utah is committed to the opportunity for success and equal access. Please let me know as soon as possible if you need any academic accommodations.

 

Inclusivivity

It is our intent that students from all diverse backgrounds and perspectives be well-served by this course, that students' learning needs be addressed both in and out of class, and that the diversity that the students bring to this class be viewed as a resource, strength and benefit. It is our intent to present materials and activities that are respectful of diversity: gender identity, sexuality, disability, age, socioeconomic status, ethnicity, race, nationality, religion, and culture. 

We also expect students to treat others in the class, including the teaching staff, with the same level of respect.

Your suggestions on how we can make the course more inclusive and welcoming are encouraged and appreciated. You can give us feedback in person during office hours, or through our anonymous feedback form.

We take incidents of discrimination, bias, and harassment seriously. We will file reports with the  Office or Equal Opportunity, Affirmative Action, and Title IX (OEO) about such incidents. If you are unsure what differentiates free speech and professional behavior from discrimination, bias, and harassment we are happy to have an open, judgement-free, and confidential conversation with you, or refer you to the OEO. 

U of U Inclusivity Statement 
Center for Ethnic Student Affairs 
LGBT Resource Center 
American Indian Resource Center 
Office of Equal Opportunity, Affirmative Action, and Title IX 
Center for Student Wellness 

Communications

We will assume that you regularly monitor your campus email, Canvas, and Piazza. There are ways to receive notifications when new material is posted, which you should set up. You should also make sure that you get announcements ASAP, rather than as a digest, if any such option exists.

 

Ethics

Part of computer security is about thinking like an attacker. After all, it helps to be able to defend something if you can think of ways that someone might break it. As a result, some of the content that we will be discussing in this class - and some of the work that we will be doing - is about breaking things. I order to get a non-zero grade in this course, you must submit the Ethics form.

 

Coursework

Grades in the course will be composed as follows:

    • Exercises: 40%
    • Homeworks: 30%
    • Final Exam: 10%
    • Quizzes: 20%

Extra credit opportunities throughout the course may be offered. Discretionary extra credit: Extra credit may also be awarded for particularly interesting contributions on coursework above and beyond the expected. Extra credit may be awarded for identifying errors and may be awarded for suggesting improvements to future materials. Extra credit may be awarded for pursuing the answer to an unanswered question in lecture.

 

Exercises

There will be exercises throughout the course. These projects will require more hands-on work (e.g., coding, analysis). They will count for 40% of your grade.

 

Homework

There will be homework assignments throughout the course. These assignments will focus more heavily on written or “pen-and-paper” style work than the projects. They will count for 30% of your grade.

 

Quizzes & Exams

There will be a final exam at the end of the course which accounts for 10% of the grade. There will be no midterms; however, there will be quizzes throughout the semester. They will count for 20% of your grade. The lowest quiz score will be dropped, which means that you can choose to miss one quiz with no effect on the grade. Other makeup options are not available.

Course Summary:

Date Details Due