Computer Laboratory

Course pages 2013–14

Computer Security: Principles and Foundations


Essays are limited to 1,500 words, excluding title, headings, and bibliography. The goal is for this to be a short and pithy essay; the word limit is intended to ensure they don't become longer works (3000-word) which would be a natural temptation. We are not so concerend with the exact word limit (1,501 words would be fine) so much as brief but insightful explanation and commentary (clarification: thoroughly gratuitous word-count excess will be penalised by no less than 0.25 marks). The summary section of the paper will, by virtue of its breadth, be the longest, followed by key themes. Current context and related work will generally be roughly equal in length. Discussion questions will be the shortest section, and consist of a bullet list.


We are expecting brief summaries of each reading (1-2 paragraphs each). Given the space you will only be able to draw out a few key ideas, vocabulary, and contributions. Most readings will be making quite a constrained set of points, albeit drawing those points out and evaluating them in great detail. For surveys, you may find you have to select one or two particularly interesting observations to highlight. Through most of the year we will have 3 readings/week; at the very beginning the reading load is a bit higher, so summaries will necessarily feel more abbreviated.

Be careful to avoid replicating the abstract/introduction/conclusion of the readings; if, for example, we look at a security model, be sure to draw out some of the mechanism of the model, rather than just observing its existence as might be done in a paper abstract.

Key themes

Bring to our attention 2-3 key themes spanning the papers. There should be a bit of subtlety here: we are aware that all the economics papers are on economics. Instead, focus on key insights across the papers, problems or preoccupations presenting in each, and where they take differing views on important ideas.

Ideas in current context

The purpose of this section is for you to ponder how some of the ideas from past research ideas might apply to current-day problems. For example, how might a set of ideas apply to medical information systems, cloud computing, etc. Are the ideas still applicable? Have they been forgotten or are they used? What limitations might they encounter in a new context? What niches might they be perfectly suited for -- and how might they have to be adapted for it?

We are looking for more than one example, but not vast numbers or enormous detail. You do not need to cover all aspects of all papers: pick 2-3 interesting ideas and talk briefly about their implications for a scenario.

Literature review

We would like you to identify a few key relevant publications linked to the assigned readings; for older papers, you might just seek out later work, but when we assign more recent work you may want to consider their common influences. Of particular note, be sure to track down retrospective pieces by the same authors, and if any, mention what their longer-term insights proved to be. For some kinds of readings, a contribution is later "broken"; finding that paper would be great.

Given the limited time you have available, we aren't expecting a comprehensive bibliographic review -- rather, some insightful spotting of 4-8 interesting related citations and an indication of why they are relevant.

Discussion questions

This section will simply consist of a bullet list of 3-4 insightful discussion questions relating to the readings. There is scope for creativity here, but you might consider questions about the relationships between the publications, how they might apply in the current world, future directions, etc. These should not be quiz-style questions, but instead, questions intended to trigger longer discussions.

For example, in our first week, we consider Saltzer and Schroder's PICS paper, which makes relatively little comment on the topic of computer networking, but focuses instead on local-system protection models. We also discussed shared-secret and public-private key cryptography and its role in cryptographic protocols. These two worlds do not live in isolation, so a number of interesting questions might be raised about how the types of security integrate with one another.


Each registered student (and most visitors) will give at least one presentation on a reading during the term. For the avoidance of doubt: all presenters are expected to use slides, which must be submitted in PDF form (and on paper) prior to class; the module organisers will provide a computer to present from. This will limit the use of fancy animations, but save a substantial amount of time that might otherwise be lost to problems with notebooks and projectors. In order to allow you to focus on a high-quality and practiced presentation, no essay is assigned for the week in which the presentation will be given.

Unlike essays on readings, there is no recommended outline for the presentation: a suitable structure should be selected based on the style of the reading assigned. Presentations should be given in a teaching or research style, conveying the key ideas and contributions of the work -- as well as critiquing it. Topics to cover, depending on the nature of the reading, may include:

  • What motivated the work?
  • What are the key ideas?
  • How were the scientific ideas evaluated?
  • How can we critique its argument/evaluation?
  • How does this work relate to other works we have read -- and other works in the research literature?
  • How do these ideas apply to the current world?

Presenters should be prepared for an engaged question-and-answer session, and to help lead discussion of the paper. Presenters may find that exactly following the paper outline leads to a less compelling presentation style, and should consider alternative narratives likely to better engage the audience. Illustrations, rather than simply slide upon slide of bullets, will also improve the quality of the presentation. For survey papers especially, it may not be possible to cover all ideas from the paper: you must select a useful subset that will best educate and engage the audience.

Each reading is alotted roughly half an hour of classroom time: 15-20 minutes of presentation (aim for 15 but slipping a bit is OK) followed by 10-15 minutes of discussion.

Presentations will be evaluated based on their successfully conveying the key content of the paper. Up to ten marks will be awarded for effective teaching of the key ideas of the reading; a critical evaluation of the work; tracing related research; considering current implications vs. historical context of the work; and successful ansering of Q&A as well as triggering and contributing to an interesting classroom discussion.