Computer and Network Security
CSC 214 · Spring, 2017
Reading for the February 23 session:
in Security Engineering,
from the section “Modes of Operation”
to the end of the chapter
In this course,
we'll consider the security of computing systems
and the networks over which they communicate,
tools and techniques for undermining or for reinforcing
the reliability and usability of computer systems,
the theoretical concepts that underlie those techniques,
and the ways in which governments, corporations, interest groups, and individuals
currently use them.
The class meets in Noyce 3819, on Thursdays, from 2:00 to 3:50 p.m.
Our textbook is
Security Engineering: A Guide to Building Dependable Distributed Systems,
second edition (Indianapolis: Wiley Publishing, 2007; ISBN 978-0-470-06852-6),
by Ross Anderson,
Professor of Security Engineering
at the Computer Laboratory
of the University of Cambridge.
We'll supplement and update this textbook
with blogs maintained by researchers and other professionals
in the field of computer and network security.
Here are a few that are reliable starting points:
The instructor for this course is
John David Stone.
My office is Noyce 3829,
near the east end of the long corridor
on the third floor of the Noyce Science Center,
on the north side (facing Eighth Avenue).
My telephone extension on the Grinnell College campus is 3181.
My office hours for spring 2017 are
- Mondays, 2 to 4 p.m.
- Wednesdays, 10 a.m. to noon
- Thursdays, 9 to 11 a.m.
or by appointment.
- Electronic Frontier Foundation,
- Bruce Schneier,
“The Security Mindset”,
Schneier on Security, April 30, 2008
- Bruce Schneier,
“Security and the Internet of Things,”
Schneier on Security, February 1, 2017.
- Kenneth Olmstead and Aaron Smith,
“Americans and Cybersecurity,”
Pew Research Center, January 26, 2017
- Full “Americans and Cybersecurity” report
(PDF, 43 pages)
- Colly Roderick, “The ‘Objectifier’ Teaches Your Appliances to Work on Their Own,”
Cyber Security Agency, January 26, 2017
- A demonstration of pretexting
- “Most common passwords list”
- The YubiKey, a common device for second-factor authentication
- Bruce Schneier, “Security and Privacy Guidelines for the Internet of Things,” (a compilation of links to on-line guidelines from various sources)
- Australian Signals Directorate, “Strategies to Mitigate Cyber Security Incidents” (table), February 2017
- Australian Signals Directorate, “Strategies to Mitigate Cyber Security Incidents” (threat model and details), February 2017
- Australian Signals Directorate, “The Top 4 in a Linux Environment”
- Australian Signals Directorate, “Security Tips for the Use of Social Media Websites”
- Julia Evans, “Dissecting an SSL certificate,” January 31, 2017
- Chayn, “Do It Yourself Online Safety,” 2017
- Scott Arciszewski, “PHP 7.2: The First Programming Language to Add Modern Cryptography to its Standard Library,” Paragon Initiative, February 12, 2017
- F-Secure, “State of Cyber Security 2017”