Computer Laboratory

Course pages 2012–13

Principles and Foundations of Computer Security

Principal lecturers: Prof Ross Anderson, Dr Frank Stajano, Dr Steven Murdoch, Dr Robert Watson
Taken by: MPhil ACS, Part III
Code: R209
Hours: 16 (8 × two-hour seminar sessions)
Prerequisites: Undergraduate operating systems course; an undergraduate networking course would be useful. It is recommended that students undertaking the Lent term course also take this Michaelmas term course.


This course aims to provide students with an introduction to the history and central themes of computer security, from its 1970s foundations to some current research topics, with a theme of how to defend cloud-based systems against capable motivated opponents. The course considers first local computer systems and then distributed systems; however, we will rapidly discover that this is an artificial distinction that only becomes more awkward as we enter the current period. Throughout the course, we will consider proposed systems along with the adversarial research intended to identify gaps and vulnerabilities.


There will be eight two-hour seminars on the following topics.

  • Origins and foundations of computer security
  • The economics of security
  • Passwords: technology, human factors, and what goes wrong
  • Cryptographic protocols: possibilities and limitations
  • Access control systems
  • Hardware and software capability systems
  • Programming language and information flow security
  • Correctness vs. mitigation
Students are expected to read the required set papers before each class. All students are expected to submit a brief written summary of the readings in advance of each class, and students will be nominated to give brief presentations of each paper, or of cross-cutting aspects of all the papers, to lead discussion.


On completion of this module, students should:

  • understand the principles of computer security
  • be familiar with long-term and recent research themes
  • appreciate the challenges of defending high-value systems


Participants will be expected to undertake six hours of preparatory work before each meeting. This will involve:

  • Reading a set number of papers
  • Following up references and other related work
  • Writing an essay of about a thousand words summarising of the set papers and discussing their broader context
  • Submitting the essay by noon two days before the meeting

Every week, three participants will each introduce an aspect of the set papers by giving a 20 minute presentation as if reporting the work at a conference, followed by 5 minutes of questions and 10 minutes of discussion. The final 15 minutes will be spent discussing the broader issues raised by the week's papers. Students will give 3-4 presentations each over the course of each term.

Practical work



Participants on this course will be awarded a percentage score made up from the following two components:

  • 80%: for paper reviews submitted on-time each week, with grades here fed back on a week-by-week basis; and
  • 20%: for your presentations, to be awarded by the course assessor at the end of the course.

1000-word weekly essays are marked on a scale of one to ten, to be scaled as needed to make up 80% of the total course mark, the single lowest mark to be dropped (typically the first mark), with marks reflecting the clarity of writing, quality of comprehension, and insight into the research and larger context.

Essays must be turned in by noon on Tuesdays to Graduate Education Office on paper, and also emailed to . In general, extensions will not be granted, as the essays are intended as key forcing functions in (a) ensuring that papers are read before their corresponding class and (b) motivating thinking about the work and its context for a group discussion.

Presentations should be structured as though the speaker were presenting at a conference, and will be twenty minutes long. Slides will be used, and submitted in PDF format to Dr Robert Watson at 10.00 AM on the day of the class they are presented in. For logistical reasons, the use of your own notebook for the presentation is not possible. Marking will place significant emphasis on a clear explanation and evaluation of the technical content of the paper, with a preference for pithy over verbose. The number of presentations students give may vary, marks being scaled as appropriate.

All participants are expected to attend and participate in every class; the instructor must be notified of any absences in advance on

Recommended reading

Anderson, R. J. (2008). Security Engineering, Wiley (second edition)
Gollmann, D. (2010). Computer Security, Wiley