STAND APART

Protocols for authenticating machines play an important role in systems security, and this course will focus on various aspects of this challenge. Using case studies of protocols that work and that have failed will help you to acquire the skill — and the skepticism — necessary to analyze and deploy authentication protocols successfully. In this course, you will investigate shared key and public key cryptography along with the trade-offs associated with these different types of keys. You will also examine some of the standard cryptographic building blocks and their use.

The following course is required to be completed before taking this course:

• Systems Security

If an attacker can masquerade as an authorized user of a system, then many other defenses become irrelevant. This course addresses how a computing system can authenticate a human user, discussing implementations of mechanisms as well as their privacy implications. You will explore the protocols of passwords, biometrics, and tokens, along with their combination as multifactor authentication.

The following course is required to be completed before taking this course:

• Systems Security

Additionally, you are required to have completed the following course or have equivalent experience:

• Authenticating Machines

Access control mechanisms ensure that a user is able to read and/or update only certain objects. With discretionary access control, it is the creator of an object who decides which other users should have access. A broad set of mechanisms have been developed to enforce discretionary access control in a computing system. This course will survey the two approaches widely used in these mechanisms: access control lists and capabilities. Through the use of case studies, you will review the pragmatics of implementations in processor hardware, operating systems, and programming languages.

It is recommended to only take this course if you have completed “Systems Security,” “Authenticating Machines,” and “Authenticating Humans,” or have equivalent experience.

Sometimes the owner of an object is not, in fact, the one to determine who should get access to that object; rather, it is an institutional policy that dictates that decision. This form of access control is known as mandatory access control, and it is frequently used in business and military settings. In this course, you will review various forms of mandatory access control policies and their implementations, including multilevel security, commercial, and role-based access control schemes.

It is recommended to only take this course if you have completed “Systems Security,” “Authenticating Machines,” “Authenticating Humans,” and “Discretionary Access Control,” or have equivalent experience.

Vulnerable systems are made secure by employing enforcement mechanisms. Beyond enforcement mechanisms for authentication and for authorization, this course will explore the use of mechanisms for protecting the integrity of systems and, thus, preventing an attacker from circumventing controls. You will learn about the three primary classes of enforcement mechanisms — mediation/monitoring, isolation, and asymmetry — and discuss how they are deployed in systems today.

It is recommended to only take this course if you have completed “Systems Security,” “Authenticating Machines,” “Authenticating Humans,” “Discretionary Access Control,” and “Mandatory Access Control,” or have equivalent experience.