Never Ending Security

It starts all here

CS 490S: Secure Network Programming

CS 490S: Secure Network Programming

Syllabus

Cr. 1 Corequisite: CS 422 (that means that students who have taken CS 422 in the past, or are taking CS 422, can take CS 490S now).
CS majors may use this course only as a free elective.

Instructor

Pascal Meunier, PTC E2-312

Class Homepage

An updated syllabus, class handouts, lecture notes, and other information can be found at:http://www.cs.purdue.edu/homes/cs490s

Schedule

Lecture: Thursdays 9:30-10:20, KNOY B035

References

Textbook:
None required. We will be using these slides, mostly those in class 3.
Can be useful but not required: Network Intrusion Detection, (3rd edition) Northcutt and Novak

Goal

After successfully completing this course:

  • You will understand the basics of programming secure network applications.
  • You will understand how networking protocols may be vulnerable to attacks, and how to defend against those attacks or mitigate the risks.
  • You will be familiar with the most frequent programming errors and negligences leading to vulnerabilities in networked applications and protocols.

Course Organization

The course consists of lecture sessions, two quizzes (exams) and three deliverables. The deliverables consist of choosing a lab assignment from CS 422 (approval by email required to make sure the assignment is appropriate), and providing: a) a 1-2 page long threat assessment; b) a list of security functional requirements to be implemented in order to mitigate the threats in a); and c) the improved lab with some implemented security functionality. The fact that this class is a one-credit class limits the effort to be spent on this implementation to one security feature (or two easy ones). The improved lab will not be evaluated on the original CS 422 functionality except that which is required to demonstrate the security feature.


Lecture Notes & References

August 25 lecture on trust, as the foundation of secure networked applications and remote interactions (roughly half of these slides, to be continued next week)

Resources

How to write secure code
CVE
ICAT
Cassandra


Labs

Choose a lab assignment from CS 422 (approval by email required to make sure the assignment is appropriate), and provide: a) a 1-2 page long threat assessment; b) a list of security functional requirements to be implemented in order to mitigate the threats in a); and c) the improved lab with some implemented security functionality. The fact that this class is a one-credit class limits the effort to be spent on this implementation to one security feature (or two easy ones). The improved lab will not be evaluated on the original CS 422 functionality except that which is required to demonstrate the security feature.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s