MET CS 654 D1 - Network and Software Security - Spring 2004
(Thursday, Main Campus, SMG 240, 595 Commonwealth Ave, 6:00-9:00 PM)


Textbooks & Resources

CourseInfo Web Page

All course materials will be posted using BU's CourseInfo site. This requires all students to have an account with the BU computer system. Click here for instructions if you require an account.

Click here to enter CourseInfo site for this course.

Course Overview

The course provides an in-depth presentation of security issues in computer networks, systems and applications. Internet and intranet topics include security in IP, routers, proxy servers, and firewalls, application-level gateways, Web servers, file and mail servers. Discussion of remote access issues, such as dial-up servers, modems, VPN gateways and clients. Operating System security covers Unix and Windows OS security model, memory protection, access control and authentication, file system security, backup and recovery management, intrusion and virus protection mechanisms. Application level security focuses on language level security and various security policies; conventional and public keys encryption, authentication, message digest and digital signatures and their implementations with Java APIs.

There will be at least six assignments and three in-class exams.


Student Academic Conduct Code

Course Schedule  (Tentative)





 Application Level Security (Prof. Zlateva)
1 1/15 Language Level Security (Security policies and permissions, access control, secure class loading, security management, Java security architecture) -
2 1/22 Cryptographic Elements (encryption, conventional and public key) -
3 1/29 Message Digest and digital signature (Implementation with Java APIs) -
4 2/5 Key Management (Implementation with Java APIs) -
5 2/12 Exam1 (Application Level Security) -
OS Security (Prof. Kalathur)
6 2/19 Introduction, Buffer Overflow Vulnerabilities
7 2/26 Protection in General Purpose Operating Systems (Access control lists, file protection, authentication, etc.) -
8 3/4 Designing Trusted Operating Systems (Security policies, security models, assurance, examples); Unix/Linux Security -
9 3/18 Unix/Linux Security (cont), Windows Security -
10 3/25  Distributed Systems Security, Exam2 (OS Security) -
Network Security (Prof. Citkusev)
11 4/1 Overview of Network Security. Authentication Systems.
11 4/8 Security Standards. Kerberos. Public Key Infrastructure. IPsec. SSL/TLS
13 4/15 Electronic Mail Security. PEM, S/MIME. PGP
14 4/22 Web Security. Firewalls. Network Management Security
15 4/29 Exam3(Network Security) -

Course Grading

The actual grade will be determined based on the performance in the home works and the three exams.