The course will examine applied security in the broad sense using a case-study approach; the course will not be restricted narrowly to mathematical cryptology. The goal of the course is to help students learn how to use standard principles and cryptographic tools to design, build, and evaluate practical computer systems that have significant security requirements.
Each student will research, write-up, and present a detailed case study of a practical computer system that uses security in an essential way. Examples will be drawn from ecommerce, communications security, ebanking, evoting, email, smart cards. Emphasis will be on the objectives, application, tools, engineering constraints, and evaluation of such security systems in practice. For example, one project might examine the (flawed) security system used to protect DVDs.
No prior experience in cryptology is required. Students are expected to have met the basic admissions requirements for the MS or PhD program in computer science at UMBC (including, for example, undergraduate courses in algorithms, discrete math, and computer systems).
Grades will be based on the term project and class participation. There will be no exams nor weekly written homework.
This edition of CMSC-652 is a significant change from previous editions. The new informal course title "Applied Security" reflects these changes (the previous informal course title was "Cryptology"). As such, the existing official catalog description of CMSC-652 is no longer representative. Officially, the university still calls this course "Cryptography and Data Security."