| Date | Topic | Reading | Assignment | ||
| Week 1 | Wed, Jan 20 | Introduction, basic concepts | D&D, Ch. 2 | ||
| Fri, Jan 22 | Ethics and responsibility | D&D, Ch. 18, 29, 31 + Thompson84 | Ass1: Secure Web Services (implementation) | ||
| Week 2 | Mon, Jan 25 | OS security basics | Lampson71 | ||
| Wed, Jan 27 | Military & commercial security policies | ClarkWilson87 | |||
| Fri, Jan 29 | OS security architectures |
Plan 9 KeyKOS / KeySAFE | Ass1: Writeup due | ||
| Week 3 | Mon, Feb 1 | Common OS vulnerabilities | D&D, Ch. 11 & 15 | ||
| Wed, Feb 3 | Engineering stronger systems | Bellovin96 (PostScript) | |||
| Fri, Feb 5 | Viruses & intrusion detection | D&D Ch. 6, 13, 14 | |||
| Week 4 | Mon, Feb 8 | Networking: TCP/IP & DNS | D&D Ch. 8-10 | Ass1 due | |
| Wed, Feb 10 | Firewalls | lecture notes | |||
| Fri, Feb 12 | Spam | SprocketLabs UCE Page, Vixie's Spam Page, CAUCE, Spam-L FAQ | Ass2: Networking (written) | ||
| Week 5 | Mon, Feb 15 | Modern programming language basics | |||
| Wed, Feb 17 | Agents and mobile code | D&D Ch. 16 | Ass2 Due | ||
| Fri, Feb 19 | Untrusted platforms | CT99, ST98 | Ass3: Mobile Code (written) | ||
| Week 6 | Mon, Feb 22 | Secret-key crypto basics | |||
| Wed, Feb 24 | No class (OSDI'99) | ||||
| Fri, Feb 26 | Cracking cryptosystems | Ass3 due / Ass4: Measuring RC4 (implementation) | |||
| Week 7 | Mon, Mar 1 | Public-key crypto | |||
| Wed, Mar 3 | |||||
| Fri, Mar 5 | Digital cash & other applications | Ass4 due | |||
| Week 8 | Mar 8-12 | No class (mid-term recess) | Think up final projects! | ||
| Week 9 | Mar 15-19 | Formal modelling and assurance (Guest lectures by John McHugh from Portland State) | Annotated Gypsy Logs, Gypsy Slides, Covert Channels | Final project proposals due | |
| Week 10 | Mon, Mar 22 | Crypto infrastructure | |||
| Mar 24-26 | Crypto protocols & case studies | Abadi94, Burrows89 | |||
| Week 11 | Mon, Mar 29 | Smart cards & tamper resistance | Anderson96, (local copy), iButton security (read section 2) | ||
| Wed, Mar 31 | Tempest (+ Soft Tempest) | Unofficial TEMPEST Page, Anderson98 (local copy) | |||
| Fri, Apr 2 | No class (spring recess) | ||||
| |||||
| Week 12 | Mon, Apr 5 | Cryptographic export and key escrow | |||
| Wed, Apr 7 | Software bloat vs. security | Final project status reports due | |||
| Fri, Apr 9 | Copyright and intellectual property | ||||
| Week 13 | Mon, Apr 12 | Privacy, spam, and cyberactivism | |||
| Wed, Apr 14 | The Year 2000 problem | ||||
| Fri, Apr 16 | Technology and Society in the 21st Century | ||||
| Week 14-15 | Apr 19-30 | Final project presentations, 25 minute conference format | Final writeups due Apr 30 | ||