Important Site Links

Information Trust Institute: University of Illinois at Urbana-Champaign

Short Course: Security Essentials for Computer Users

COURSE DESCRIPTION:

This course provides a comprehensive introduction to computer security for professional staff using computers. After introducing basic concepts related to information assurance, the course identifies important security and privacy concerns at the workplace, and introduces users to countermeasures and safe practices to reduce the risk associated with information exposure. It educates users about security problems by highlighting common indications that they may be attacked and what they can do to protect their computers, accounts and communication. Specifically, it focuses on safe practices and security concerns related to accessing computer accounts, choosing and updating passwords, using keycards, keys, physical security, email attachments, confidentiality and integrity of communication, encryption use, SSH, SSL, security advisories, anti-virus software, firewalls, personal firewalls, spam filtering, spyware, VPNs, risk analysis, patching, and security updates. Practical advice includes where to get help, and Windows and Unix Security good practices.

PREREQUISITE: Familiarity with computers and applications

HIGH-LEVEL COURSE OUTLINE AND TIMETABLE:

8 web or live sessions of 50 minutes including quizzes, discussions, and examples.

  1. Security Essentials: Introduction
    1. Why is Security Important?
    2. Why Should You Care about Computer Security?
    3. What Are You Protecting Against? Assets Threats and Vulnerabilities
    4. Top 20 Vulnerabilities
  2. Security Policies and Compliance
    1. Common Indications That You May Be Attacked
    2. Security Policies: Integrity, Confidentiality, and Availability
    3. Security Mechanisms: Access Control, Authentication, Auditing
    4. Security Plan
  3. Vulnerability, Threats, and Protection Models
    1. Physical Security
    2. Restricted Access Technology
    3. Personnel Security Practices
  4. Access Control
    1. Authentication, Passwords, Keycards
    2. Challenge-response Systems
    3. Communication Security
  5. Information and Law
    1. Rights
    2. Privacy
    3. Computer Crime
  6. Protection for Computer Objects
    1. Copyright
    2. Patents
    3. Digital Millenium Copyright Act (1998)
    4. Ethical Issues
  7. Best Practices Associated With
    1. Computer Accounts,
    2. Passwords,
    3. Keycards,
    4. Keys,
    5. Physical Security,
    6. Email Attachments,
    7. Encryption Use, SSH, SSL,
    8. Security Advisories,
    9. Anti-virus Software,
    10. Firewalls, Personal Firewalls, Spam Filtering, Spyware,
    11. VPNs,
    12. Risk Analysis,
    13. Patching and Security Updates.
  8. Practical Advice Iincludes Where to Get Help
    1. Windows and Unix Security Good Practices Guidelines.
    2. Summary and Concluding Remarks

Instructor Biography

Roy H. Campbell is Abbasi Professor in Computer Science in the Department of Computer Science at the University of Illinois. He is an IEEE Fellow, a member of the ACM, and a member of IFIP Working Group 10.3. He received his Honors B.S. Degree in Mathematics, with a Minor in Physics, from the University of Sussex in 1969 and his M.S. and Ph.D. Degrees in Computer Science from the University of Newcastle upon Tyne in 1972 and 1976, respectively. In 1976 he joined the faculty of the University of Illinois. He has supervised the completion of 31 Ph.D. dissertations and over 123 M.S. theses. He is the author of over 228 research papers on security, programming languages, software engineering, operating systems, distributed systems, and networking.  His past research accomplishments include path expressions, various deadline and error recovery mechanisms for asynchronous processes, the Choices object-oriented operating system, the VDP protocols for streaming audio and video used by Vosaic LLC, dynamic TAO, 2K (a distributed object operating system), UIUC Sesame (a Java implementation of Sesame security protocols), and the Seraphim active security policies.  His current research projects include the Gaia project on active spaces, authentication for mobile sensors, security interoperability, security policies, and active security in active networks. He is an active participant in the department's distance learning program.

Professor Campbell is director of the NSA-designated University of Illinois Center of Academic Excellence in Information Assurance Education.