| Date | Instructor | Topic | Reading | Notes |
| Mon Aug 24 | LB,DF | Introduction | CMU Computing Policy | |
| CMU Policy on Cheating | ||||
| Wed Aug 26 | LB | Security properties; grand challenges | ||
| Mon Aug 31 | DF | History of the internet | A History of the Internet: 1962--1992 | no reading critique |
| Wed Sep 2 | DF | Internet governance | impromptu lecture | |
| Mon Sep 7 | No class (Labor Day) | |||
| Wed Sep 9 | LB | Cryptography | optional: Chp 1-2 of Goldwasser & Bellare's Lecture Notes on Cryptography | |
| optional: Chp 1-2 of the Handbook of Applied Cryptography | ||||
| Mon Sep 14 | LB | Cryptography | ||
| Wed Sep 16 | LB | Cryptography | ||
| Mon Sep 21 | LB | Side channel attacks | optional: Bleichenbacher 1998 | |
| Wed Sep 23 | LB | Cryptographic protocols | Abadi & Needham 1996 | |
| Vaudenay 2002 | ||||
| Mon Sep 28 | DF | Introduction to policy | Administrative Procedures Act | |
| The Federal Communications Commission | ||||
| Wed Sep 30 | AD | Cryptographic protocols in practice, anonymity | Chaum 1981 | |
| Dingledine et al. 2004 | ||||
| Mon Oct 5 | LB | Firewalls | ||
| Wed Oct 7 | LB | Network intrusion detection | Ptacek & Newsham 1998 (except Sec 7, 8) (goes with Oct 5 lecture) | |
| Mon Oct 12 | Watson et al. 2004 (goes with Oct 7 lecture) | |||
| Wed Oct 14 | Midterm exam | |||
| Mon Oct 19 | LB | Access control | Lampson et al. 1992 (except Sec 4) | |
| Wed Oct 21 | LB | Access control | ||
| Mon Oct 26 | LB | Access control | ||
| Wed Oct 28 | LB | Buffer overflows | Aleph One 1997 | |
| Mon Nov 2 | JM | Trusted computing platform | McCune et al. 2007 | |
| Grawrock. The Intel Safer Computing Initiative, Chp. 8. (on Blackboard) | ||||
| Wed Nov 4 | DF | Trusted computing platform policy | Anderson 2003 | |
| Mon Nov 9 | DF | Wiretap laws | EFF's Surveillance Self Defense site | |
| Wed Nov 11 | LB | Virtual machines | Wahbe et al. 1994 | no reading critique |
| Garfinkel and Rosenblum 2003 | ||||
| Mon Nov 16 | LB | Java security | Wallach & Felten 1998 | |
| Securing Java, chp. 1--2 (optional) | ||||
| Wed Nov 18 | LC | Usability | Lampson 2009 | |
| Edwards et al. 2007 | ||||
| Mon Nov 23 | LB | Web security | ||
| Wed Nov 25 | No class (Thanksgiving holiday) | |||
| Mon Nov 30 | DF | Current policy issues | ||
| Wed Dec 2 | LB | Wrap-up | ||
| Fri Dec 11 | Final exam (5:30-8:30pm, location TBA) | |||
| AD = Anupam Datta | ||||
| DF = Dave Farber | ||||
| LB = Lujo Bauer | ||||
| LC = Lorrie Cranor | ||||
| JM = Jon McCune | ||||