Date |
Lectures Topics |
Notes |
|
Assignment |
9/26 |
Class
overview, motivation and overview of
trustworthy computing: security, privacy, reliability and business integrity |
[ppt] |
|
|
10/3 |
Security: cryptography -
Symmetric encryption -
Asymmetric encryption |
[ppt] |
Stallings, Chapter 2.1-2.3,
3.2-3.3 Stallings, Chapter 9 |
Homework 1 out |
10/10 |
Security: -
duties of care -
standards of care -
sources of security liability |
|
The Declan McCullagh, CNet,
September 16, 2003 http://news.com.com/2008-1014-5076942.html FTC
Obtains Order Barring Pop-up Spam Scam, Urges Consumers to Take Steps to
Protect Themselves, http://www.ftc.gov/opa/2003/11/dsquared.htm
Intel Corp. v. Hamidi, 30
Cal.4th 1342, 71 P.3d 296, 1 Cal.Rptr.3d 32, 148 Lab.Cas. P 59,756, 20 IER
Cases 65, 3 Cal. Daily Op. Serv. 5711, 2003 Daily Journal D.A.R.
7181, Cal., Jun 30, 2003 http://www.eff.org/spam/Intel_v_Hamidi/20011211_appellate_decision.pdf
eBay, Inc. v. Bidder's Edge, Inc., 100
F.Supp.2d 1058, 54 U.S.P.Q.2d 1798, N.D.Cal., May 24, 2000 http://pub.bna.com/lw/21200.htm Ticketmaster Corp. v. Tickets.com,
Inc., 2000 WL 1887522, 2000 Corp.L.Dec. P. 28,
146, C.D.Cal., Aug 10, 2000 http://gsulaw.gsu.edu/lawand/papers/su03/darden_thorpe/2003%20WL%2021406289.html
Darcangelo v. Verizon Communications, Inc., 292 F.3d 181 (4th Cir. 2002). http://caselaw.lp.findlaw.com/cgi-bin/getcase.pl?court=4th&navby=case&no=011679P
American Express Travel Related Services, Co., Inc.
v. Symbiont Software Group, Inc.,
et al., 837 So.2d 434 (Fla.3d D. 2002), rev. denied 851 So.2d 729 ( http://www.eff.org/legal/cases/US_v_Councilman/councilman_decision.pdf
Optional and supplementary readings: Code, Chapter 12, 17 |
Think about paper topic for 5-7 pg single spaced
paper |
10/17 |
Privacy: authentication,
authorization and accounting -
Digital
signatures -
One-way hashing
and message digest -
Authentication
and authorization |
[ppt] |
Stallings 11.4-11.5,
12.1-12.2 Stallings |
Homwork 1 in Homework 2 out |
10/24 |
Privacy: policy and legal issues -
Children’s Online Privacy Protection Act -
Child Internet Protection Act -
Gramm-Leach-Bliley Act -
Health Insurance Portability and Accountability Act -
Comparative discussion:
EU Data Directive and e-Commerce Directive -
|
|
U.S. v. Hershey Foods Corp., Civ. Action No. 4:03cv350 (M.D.
Penn. 2003). U.S. v. Mrs. Fields Famous Brands, Inc.,
Civ. Action No. 2:03 cv205 (D. Ut. 2003). In re: Pharmatrak, Inc., 329
F.3d 9 (1st Cir. 2003). http://www.ca1.uscourts.gov/cgi-bin/getopn.pl?OPINION=02-2138.01A
In re DoubleClick Search Term Begin Search
Term End Inc. Privacy Litigation, 154 F.Supp.2d 497 (S.D.N.Y.2001) http://www.nysd.uscourts.gov/courtweb/pdf/D02NYSC/01-03797.PDF and settlement agreement http://news.findlaw.com/wsj/docs/cyberlaw/agsdclick82602agr.pdf
In re Intuit Privacy Litig., 138 F.
Supp. 2d 1272, 2001 U.S. Dist. LEXIS 5828 (C.D. Cal. 2001). http://pub.bna.com/eclr/00123.htm
Trans
Union LLC v. Federal Trade Comm'n, 295 F.3d 42 (D.C. Cir. 2002). http://pacer.cadc.uscourts.gov/common/opinions/200207/01-5202a.txt
In re: Toysmart.com LLC, Debtor. Chapter 11 Case No. 00-13995-CJK (2000). Optional and supplementary reading: Code, Chapter 11 |
Email Prof. Matwyshyn proposed paper topic to matwyshyn@law.ufl.edu |
10/31 |
Reliability: network security -
Internet
vulnerability: malcode overview, viruses, worms, denial of service (DoS)
attacks -
Firewalls -
Intrusion
detection systems (IDS) |
Stallings A Taxonomy
of Computer Worms, N. Weaver, V. Paxson, S. Staniford, and R.
Cunningham, the First ACM Workshop on Rapid Malcode (WORM), 2003. Stallings Handout from |
Homework 2 in Homework 3 out |
|
11/7 |
Reliability -
Electronic contracting -
Internet jurisdiction |
|
Guest speaker: Josh
Benaloh, MSR ProCD, Inc. v. Zeidenberg, 86 F.3d 1447, 1451 (7th Cir.1996). http://laws.lp.findlaw.com/7th/961139.html
Register.com, Inc. v. Verio, Inc., 126 F.Supp.2d 238 (S.D.N.Y.2000). http://www.icann.org/registrars/register.com-verio/decision-23jan04.pdf
Specht v. Netscape Communications
Corp., 306 F.3d 17, 48 UCC Rep.Serv.2d 761, 2nd
Cir.(N.Y.), Oct 01, 2002. http://laws.lp.findlaw.com/getcase/2nd/case/017860v2&exact=1
Ticketmaster Corp. v. Tickets.Com,
Inc., 2003 WL 21406289, 2003 Copr.L.Dec. P
28,607, C.D.Cal., Mar 07, 2003. http://gsulaw.gsu.edu/lawand/papers/su03/darden_thorpe/2003%20WL%2021406289.html
Inset Systems, Inc. v. Instruction Set, Inc., 937
F.Supp. 161 (D.Conn., 1996).
http://cyber.law.harvard.edu/property00/jurisdiction/insetedit.html
Zippo Manufacturing
Co. v. Zippo Dot Com, Inc, 952 F. Supp. 1119
(W.D. Pa. 1997). http://cyber.law.harvard.edu/metaschool/fisher/domain/dncases/zippo.htm
Panavision Intern., L.P. v. Toeppen,141
F.3d 1316 (9th Cir.( Young v. New Haven Advocate, 315
F.3d 256 (4th Cir.( |
Work on paper |
11/14 |
Midterm |
Homework 3 in |
||
11/21 |
Midterm grading review Integrity: software
security -
Software
security principles -
Case study:
sendmail vs. qmail -
Buffer overflow |
1. Qmail handbook, Ch. 1, Introduction
to Qmail 2. Smashing
The Stack For Fun And Profit, Aleph One. |
|
|
11/28 |
Integrity -
Ethical security strategy -
-
Technology regulation theory |
|
Guest
speaker: Cem Paya, MPG Security Code
1-108 John
Perry Barlow, Declaration of Independence of Cyberspace, http://homes.eff.org/~barlow/Declaration-Final.html
Optional
and supplementary readings: David G.
Post, What Larry Doesn’t Get, 52 Stan. L. Rev. 1439 (2000). |
Work on paper |
Week of 12/5 |
Final /
Papers Due via email to Prof. Matwyshyn |
Notes: