This page contains the tentative lecture plan and the lecture slides.




Week 1

(Jan 8)

Cancelled (NSF-SFS Symposium)


Week 2

(Jan 15)


Course Introduction

Overview of Security Management and Security Planning

(Based on Chap 1 and 2 of Whitman book – notes in the reading list section)


Lecture 1




Week 3

(Jan 22)


Contingency Planning, Information Security Policy & Programs

(Chap 3-5 of Whitman book; notes in reading list section)


Additional Reading: 

Contingency Planning Guide for Information Technology System (NIST 800-34)

Generally Accepted Principles and Practices for Securing Information Technology Systems (NIST 800-14)


(Covered till Slide 58)


Lecture 2


Week 4

(Jan 29)


Continue Lecture 2


Overview of Computer Forensics

(Source: Guide to Integrating Forensic Techniques into Incident Response (NIST SP800-86))


(Covered: Lecture 3, and Slide 100 of Lecture 2)


Lecture 3


Week 5

(Feb 5)


Class will be held at Pitt’s CSSD Unit (Bellefield Hall)

- Overview of CSSD’s InfoSec Infrastructure/Team/Program

- Presentation and Discussion on Pitt’s InfoSec IRP/DRP (Sean Sweeney, Jay Graham, CSSD)

- Demo and some hands-on on Computer Forensics at CSSD


READ NIST DOCUMENTS LISTED ABOVE BEFORE THIS CLASS – Actively participating in the discussion about CSSD is expected


(CSSD Proprietary slides on DR plan, Info Sec plan and a Computer forensics lab/case study (this should be done by all as there was a limited time at CSSD))

Week 6

(Feb 12)


Remaining from Lecture 2


Risk Management

(Chaps on Security Management of Whitman book; notes in reading list section)

(NIST: Managing Information Security Risk: Organization, Mission, and Information System View (SP 800-39))


Lecture 4




Week 7

(Feb 19)

On Feb 18 (Tuesday) – Visit to Pitt’s NoC and Guest Lecture

Louis Passarello (NoC Director) at 10-12 noon

(NoC process, support features, physical security, server/data center overview; tools overview)

Lecture/NoC and Datacenter Tour Overview onsite

Week 8

(Feb 26)


Guests from US Steel

D.J. Mance, (Director of Global Communications Technologies) &

Nicholas Hewlett (Network Security Manager)

Risk Management (Continued)


Week 9

(March 5)


Guests from PNC Bank

Luis Guzman Jr. (Cyber Threat Analysis Manager | PNC-CERT)


Continue with remaining slides from earlier lectures

Management Models/Practices


Lecture 5

Spring Break

Week 10

(March 19)


Cloud Computing: Security and Privacy Issues

(See the Reading list for the required/recommended readings)

Project discussion


Lecture 6

Week 11

(March 26)


Guest lecture by Prof. Balaji Palanisamy

Topics: Location Privacy + MapReduce/Cloud S&P


Week 12

(April 2)

Guest: Amirreza Masoumzadeh (LERSAIS PhD Student) – Brief overview of Social Network Anonymity


Paper presentations on Security and Privacy in Cloud Computing (See reading list for schedule)

(see reading list for papers)

Week 13

(April 9)

Guest: Nathalie Baracaldo (LERSAIS PhD Student) – Towards Tackling the Insider problem: risk aware access control approach.

Paper presentations on Security and Privacy in Social Networks (See reading list for schedule)

(see reading list for papers)

Week 14

(April 16)

Paper presentations

Project updates

Week 2

(April 23)

Project presentations/Evaluations