Information and Data Security
- Introduction to computer security, the design of secure systems and threat modeling
- Entity authentication and privacy, data integrity and confidentiality
- Cryptographic tools: symmetric and asymmetric encryption, digital signatures, message authentication codes, hash functions.
- Security at the operating system level, access control, security enforcement and memory protection
- Network security, firewalls, internet worms, viruses and intrusion detection
- Digital rights management, software security, program obfuscation, implementation flaws and buffer overflow attacks
- Case studies in topical areas
Special Topics: Web Development
- Introduction to technical aspects of state of the art web page/mechanism design and online database connectivity
- Discussion of business implications and issues of increasing online applications
- Introduction to computer security and the design of secure systems. Cryptographic tools
- Operating system security and access control
- Network, software and database security
- Randomness generation and malicious software
- Digital rights management- anonymity and privacy (ethical, legal and business aspects of privacy, various attacks and countermeasures)
Introduction to Modern Cryptography
- Introduction to the fundamentals of modern cryptography with a focus on development of secure cryptographic tools based on hard computational problems
- Topics include: one-way functions, pseudorandom generators, encryption, digital signatures and protocols.
IT Security, Governance, and Audit
- Topics include IS audit processes, IT Governance, Audit of Revenue and Expenditure Cycle Applications, Protection of information assets (i.e. Accounting, Financial and Marketing information, Business continuity and disaster recovery)
- Legal aspects of computer security, Sarbanes-Oxley (SOX) compliance and implications for business and IT, Computer forensics.
Information Security Law and Policy
- Introduction to corporate responsibility as it pertains to the safeguarding of critical data, infrastructure and business processes
- Introduction to the current legal and regulatory landscape in information security, as well as industry standards, guidelines, benchmarks and best practices
- Conceptual ideas will be reinforced with the discussion of recent security breaches and follow-up actions
Information Security Risk Management
- Fundamentals and practical techniques to identify security risks, perform security risk assessment, efficiently manage risk activities, and quantify the risk level of computer systems and computing devices such as laptop computers, mobile devices, and internet-enabled appliances
- More topics include: security risk management through the study of business-cases and by using cost-benefit analysis, what-if analysis, simulation and other quantitative and qualitative methods to assess and control risk
Introduction to Hardware Security and Trust
- Fundamentals of hardware security and trust for integrated circuits.
- Cryptographic hardware, invasive and non-invasive attacks and side-channel attacks
- Physically unclonable functions, watermarking of Intellectual Property (IP) blocks, FPGA security and counterfeit detection
- Hardware Trojan detection and prevention in IP cores and integrated circuits
Hardware Trojan Detection and Prevention
- Graduate-level advanced-topics course that intends to help students (i) understand the challenges and impact of hardware Trojans
- Familiarize themselves with existing state-of-the-art research in the area
- Build a foundation of knowledge in overlapping areas such as signal processing, detection, and estimation theories
- Evaluate existing methods, improve upon them, and develop new research techniques for hardware Trojan detection and prevention in a course project - improve reading, writing, and presentation skills
- The course project challenges the students to insert and detect hardware Trojans in real chips.