Usability and security are widely seen as two antagonistic design goals for complex computer systems. This course challenges convention wisdom and encourages students to discover ways that security, privacy and usability can be made synergistic in system design.
Topic include computer forensics, network forensics, user interface design, backups, logging, economic factors affecting adoption of security technology, trust management and related public policy. Case studies such as PGP, S/MIME, SSL will be used. Basic cryptography and hash function will be introduced as needed. Coursework includes analysis of papers, problem sets, and a substantial term project.
Grades in CSCI E-170 are based on class participation, homework, the quiz, and the two projects. These elements are weighted as follows:
Thus, half of your grade is based on independent work, one fifth of your grade is based on class and online participation, and 30% of the grade is based on the two projects.
As this is a survey class of current research in computer security, privacy and usability, we will be reading and discussing research papers. As such,
Note: If you don't participate (by taking part in the online discussions and, if you are not a distance student, regularly attend class), you will receive an F for both the class participation and the homework grade, even if you have faithfully handed in the assignments.
The class projects are designed to be significant projects involving original work that examines some aspect of security discussed in the course. Projects will be done in assigned teams of four students; teams will be scrambled after the first project. It is expected that each team will consist of students who are in Cambridge and those who are in distance education students.
The first project will be a literature review in which you will research a current issue in computer security, usability and privacy taking into account news articles and the scholarly literature. The work product for your first(midterm) project is a 12 to 15 page paper.
The second project is a hands-on project in which you will either develop or download a security system and write about your experience with it. The work product that you produce for the second (final) project will be a written report between 8 and 12 pages long, and a 10-minute presentation.
Both reports that you write should have scholarly references; you may use either the so-called "Harvard Style" or IEEE style to cite your references. A list of URLs is not an acceptable citation format and will be viewed will be graded accordingly. You should give priority to scholarly references over popular accounts in magazines or news websites. More details regarding the projects and project suggestions will be made available on the course website.
Note: You must hand in both projects to pass CSCI E-170. If you don't hand them in, you will receive an F for the subject as a whole.
It is strongly recommended that you discuss the readings and assignments with your classmates. However, it is expected that the homeworks that you submit is your own. You may not collaborate on the quizzes. The final project is a group effort; your group should not collaborate with other groups.
It is expected that you will reference a variety of articles and other sources in the preparation of your assignments and final project. You are welcome to use either the so-called "Harvard Style" or IEEE style to cite your references. A list of URLs is not an acceptable citation format and will be viewed will be judged accordingly.
Lectures will be held on Monday evenings from 5:30 - 7:30pm in Room L01, 53 Church Street.
There will be an online section, in which all students are invited
to participate, and TA office hours. Online sections will happen simultaneously with TA hours.
|Eleni:||Monday||7:30-9:30PM||53 Church Str., Room 106|
|Joe:||Tuesday||6:00-8:00PM(by appointment)||MIT 35-010|
|Online: AIM chatroom "cscie170"|