CS342

Computer Security and Privacy

Faculty

Ada Lerner

alerner@wellesley.eduPronouns: they/them or she/her

Call me “Ada”, unless you’re more comfortable addressing me with greater formally as "Professor Ada" or "Professor Lerner". Please use the level of formality that makes you comfortable.

Time and Space

Because we have students from many timezones in the class, CS342 is fully asynchronous this term. I will send out readings and recorded mini-lectures on the material, and that there will not be any times that the entire class meets together on Zoom at the same time. However, we'll still be engaged in extensive groupwork throughout the term, and so I will ask you to commit to block off several times in your schedule when you promise to be available for Collaboration Hours to meet with your groupmates. I will also be available at group-work hours to answer your questions and provide help - the purpose of these times is to substitute for time you would ordinarily have to work together in groups during scheduled class time. The datetimes of Collaboration Hours, as well as a link to the Zoom meeting we'll be using for them, can be found on Piazza.

We'll communicate using Zoom for synchronous communications (office hours and group-work hours) and using Piazza for asynchronous communications (announcements, asking for help, posting recorded lectures, etc.). Sign up for the Piazza here: piazza.com/wellesley/fall2020/cs342

Learning Goals

Best practices for teaching indicate the importance of concrete, assessable learning goals. Below I list the the high level learning goals for CS342. These goals form the basis on which I construct course activities. Additionally, my job as an educator is to help both you and me effectively evaluate your learning so that you can master the skills of the course, and these learning goals form the basis on which those evaluations take place.

A student who completes this course should be able to:

  • Use the security mindset to analyze assumptions, find vulnerabilities, and identify privacy concerns in technical and non-technical systems of many kinds.

  • Use threat modeling to perform risk analysis and weigh tradeoffs involved in building, deploying, and defending technical systems.

  • Recognize, critique, and improve on systems and practices which raise ethical concerns within the field of computing and around security and privacy.

  • Reason about social, legal, human, and technical factors to analyze the roles and values of all stakeholders for a system, including designers, implementers, regulators, and users, including diverse users such as marginalized and vulnerable populations.

  • Describe the mathematical underpinnings of cryptography, identify cases where cryptography is or should be used, discuss the guarantees that cryptography provides, and recognize common pitfalls and misuses of cryptography and their harms.

  • Discover technical security vulnerabilities in computer systems; implement attacks which exploit those vulnerabilities to compromise systems; and design and implement defenses against such vulnerabilities and attacks.