Course pages 2013–14
Security II
Lecture slides (by lecturer) and relevant reading material
All lectures 1200-1300 in LT2 @ WGB.
- Frank Stajano:
- Security, human factors and psychology. Passwords. Security policies. Physical security. (MWF 17-27 Jan)
- Ross Anderson, Security Engineering
- Alma Whitten, Doug Tygar, Why Johnny can't encrypt
- Anne Adams, Angela Sasse, Users are not the enemy
- Kevin Mitnick, The art of deception
- Frank Stajano, Paul Wilson, Understanding scam victims
- Robert Cialdini, Influence - science and practice
- Daniel Kahneman, Nobel lecture (video, article).
- Daniel Kahneman, Amos Tversky, Prospect theory: an analysis of decision under risk
- Daniel Kahneman, Thinking fast and slow
- Joseph Bonneau, Sören Preibusch, The password thicket
- Joseph Bonneau, Cormac Herley, Paul van Oorschot, Frank Stajano, The quest to replace passwords
- Frank Stajano, Pico: no more passwords
- Adam Beautement, Angela Sasse, Mike Wonham, The compliance budget
- Elliott Bell, Len La Padula, Secure computer system: unified exposition and Multics interpretation
- David Brewer, Michael Nash, The Chinese Wall Security Policy
- David Clark, David Wilson, A Comparison of Commercial and Military Computer Security Policies
- Frank Stajano, Ross Anderson, The Resurrecting Duckling
- Roger Needham, Denial of service: an example
- Matt Blaze, Rights Amplification in Master-Keyed Mechanical Locks
- Richard Clayton:
- Security economics (29 Jan)
- Steven Murdoch:
- Anonymity and censorship resistance (31 Jan)
- Sergei Skorobogatov:
- Tamper resistance and hardware security (3 Feb)
- Robert Watson:
- Concurrency and security (12 Feb)
- Markus Kuhn:
- Cryptography: private key encryption, chosen-plaintext attack security, message authentication codes, authenticated encryption, key distribution problem, number theory, trapdoor permutations. (4up, slides, exercises) (MWF 5-21 Feb, except 12 Feb)
lecture recordings (experimental, incomplete)
Exercises and exam questions
You are encouraged to use the online Otter system for supervisions, exercises and exam questions. Last year's offline exercise sheet for the initial part of the course is still available as a backup.
Note about exams
Supervisors tell me (FMS) that supervisees repeatedly ask who sets the questions and whether the questions I set will be only on things I lectured and so forth. Let it therefore be known that FMS and MGK will each set one question and that each such question may relate to any part of the syllabus, including topics lectured by the other lecturer or by the guest lecturers. See for example 2012 for constructive proof of me setting and marking a question on a part of the course I did not personally lecture that year.