Introduction to Security

University of Cambridge Computer Laboratory

Principal lecturer: Dr Ross Anderson
Taken by: Part IB, Part II (General), Diploma
Number of lectures: 4
Lecture location: Arts School Room A
Lecture times: 11:00 on TTS starting 02-Mar-99

This course gives a basic introduction to contemporary computer security and cryptology. It consists of four lectures on the following topics:

Books and other sources

In four lectures, I can do little more than prepare the ground for the part 2 security course and for other courses in communications, information theory, distributed computing and so on. In any case, the best way to acquire a feel for this subject is by wide reading. The history is quite fun: a good starting point is Kahn's book `The Codebreakers'.

Computer security: Perhaps the best basic textbook is Dieter Gollmann's `Computer Security'; as this was published only a few months ago, many college libraries won't have it yet, and an alternative is Garfinkel and Spafford's `Practical Unix and Internet Security'. For more specific information on network vulnerabilities, see Cheswick and Bellovin's `Firewalls and Internet Security'; a more abstract treatment is Amoroso's `Fundamentals of Computer Security Technology'.

Cryptography: there are many books which cover the basics, and which one you find congenial will depend on the amount of mathematics with which you're comfortable. Schneier's `Applied Cryptography' is fairly non-mathemtical and includes source code for a lot of algorithms. Another comprehensive text is Simmons' `Contemporary Cryptology'; this has more engineering detail. For the mathematically inclined, Stinson's `Cryptography - Theory and Practice' and Koblitz's `Course in Number Theory and Cryptography' have got a wealth of technical detail.

Ross Anderson
March 1999

IB | II(G) | Dip