Introduction to Security


Tuesday 6:00 - 8:50PM

Room: IS 405


James Joshi


Contact Info:
721, IS Building,


Email: jjoshi[AT]mail.sis.pitt.edu 


Office Hour

Mondays 2:00-4:00PM

Saubhagya Ram Joshi

(Thursday 3:30-5:30PM)

(GIS Lab, 4th Floor)


Suroop M Chandran


(Wireless Lab, 4th Floor)




Midterm date Oct 11


Sample Midterm


Sample Final


Homework 1

(Due: Sep 14)


Homework 2

(Due: Sep 21)


Homework 3

(Due: Sep 30)


Homework 4

(Due: Oct 8)


Homework 5

(Due: Oct 26)

(Lab Exercise 1)

(Windows/Linux, Solaris Access Control Features)

(Due: Oct 28, 5PM)


Homework 6

(Lab Exercise 2)

(Computer Forensics)

(Due: Nov 8)


Homework 7

Java Class files

(Part 1: Due Nov 15)

(Part 2: Due Nov 23)

(Part 2: Extended to Nov 28)

(Some useful notes on programming assignment)

(inverse modulo info)



(Includes Midterm)

List of Assigned/Optional Papers




Some Java Resources

GSA's Java Tutorial

Important Links

Security Track


Fall LERSAIS Seminar Listing

Fall 04 of this Course

Fall 03 of this Course



Course Description
This course covers fundamental issues and first principles of security and information assurance. The course will look at the security policies, models and mechanisms related to confidentiality, integrity, authentication, identification, and availability issues related to information and information systems. Other topics covered include basics of cryptography (e.g., digital signatures) and network security (e.g., intrusion detection and prevention), risk management, security assurance and secure design principles, as well as e-commerce security. Issues such as organizational security policy, legal and ethical issues in security, standards and methodologies for security evaluation and certification will also be covered.


  • Basic knowledge of: operating systems, data structures, database systems and networks.
  • Basic mathematics: undergraduate mathematics, some knowledge of mathematical logic

Students not sure about the required background should meet the instructor.


Computer Security: Art and Science by Matt Bishop (ISBN: 0-201-44099-7), Addison-Wesley

Other Reference Material

Security in Computing, 2nd Edition, Charles P. Pfleeger, Prentice Hall
Security Engineering: A Guide to Building Dependable Distributed Systems, Ross Anderson, Wiley, John & Sons, Incorporated, 2001

Inside Java 2 Platform Security: Architecture, API Design, and Implementation
by Li Gong, Gary Ellison, Mary Dageforde

          A list of papers will be provided to supplement the book

Course Outline

Security Basics
  • General overview and definitions
  • Security models and policy issues
Basic Cryptography and Network security
  • Introduction to cryptography and classical cryptosystems
  • Authentication protocols and Key Management
  • IPSec, VPNs, E-commerce issues
Systems Design Issues and Information assurance
  • Design principles
  • Security Mechanisms
  • Auditing Systems
  • Risk analysis
  • System verification and evaluation
Intrusion Detection and Response
  • Attack Classification and Vulnerability Analysis
  • Detection, Containment and Response/Recovery

Legal, Ethical Issues

Overview of Miscellaneous Issues (Time permitting)

  • Malicious code, Mobile code
  • Digital Rights Management, Forensics
  • Emerging issues: E/M-commerce security, Multi-domain Security Issues etc.

Lab + Homework/Quiz/Paper review 40%
Two Exams 40%

Paper/Project 20%
Misc. (Seminar, Participation in class) will also be used.

If you have a disability for which you are or may be requesting an accommodation, you are encouraged to contact both your instructor and the Office of Disability Resources and Services (DRS), 216 William Pitt Union (412-648-7890/412-383-7355) as early as possible in the term. DRS will verify your disability and determine reasonable accommodations for this course.