Computer and Network Security

Grinnell College

CSC 214 · Spring, 2017

Class News

Reading for the April 6 session: chapter 10 in Security Engineering (pages 313–364).

The exercise on customer records is due at the beginning of class on April 6.

Here's the JavaScript-vulnerabilities paper that I referred to near the end of our March 16 session:

“Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web,” Tobias Lauinger, Abdelberi Chaabane, Sajjad Arshad, William Robertson, Christo Wilson, and Engin Kirda, Network and Distributed System Security Symposium 2017, February 26 – March 1, 2017

Optional reading on the state of privacy of patients' electronic medical records: “Google DeepMind and Healthcare in an Age of Algorithms,” Julia Powles and Hal Hodson, Health and Technology, March 16, 2017

Optional reading on the fragility and vulnerability of the computer networks that support the power industry, the financial sector, the communications industry, and the oil and gas industry in the United States: “Keeping America Safe: Towards More Secure Networks for Critical Sectors,” jointly published by the MIT Center for International Studies and the MIT Internet Policy Research Initiative, March 2017.

Short Syllabus

In this course, we'll consider the security of computing systems and the networks over which they communicate, tools and techniques for undermining or for reinforcing the reliability and usability of computer systems, the theoretical concepts that underlie those techniques, and the ways in which governments, corporations, interest groups, and individuals currently use them.

The class meets in Noyce 3819, on Thursdays, from 2:00 to 3:50 p.m.

Our textbook is Security Engineering: A Guide to Building Dependable Distributed Systems, second edition (Indianapolis: Wiley Publishing, 2007; ISBN 978-0-470-06852-6), by Ross Anderson, Professor of Security Engineering at the Computer Laboratory of the University of Cambridge. We'll supplement and update this textbook with blogs maintained by researchers and other professionals in the field of computer and network security. Here are a few that are reliable starting points:

The Instructor

The instructor for this course is John David Stone. My office is Noyce 3829, near the east end of the long corridor on the third floor of the Noyce Science Center, on the north side (facing Eighth Avenue). My telephone extension on the Grinnell College campus is 3181.

My office hours for spring 2017 are

or by appointment.

Course Links