UTSA CS 6463 Access Control and Trust Negotiation: Theory and Practice Syllabus Spring 2007

Syllabus

CS 6463 Access Control and Trust Negotiation: Theory and Practice

Spring 2007

Instructor: Dr. William H. Winsborough
Class Periods: MW 7:00 - 8:15pm
Lecture Hall: SB 2.02.10
Course Homepage: http://www.cs.utsa.edu/~winsboro/teaching/CS6463-S07/
Prerequisite: Consent of instructor.
Text: None. This course will be based on papers from the research literature and readings placed on reserve in the library.

Instructor Office: SB 4.01.26
Office Hours: MW 4-5pm and by appointment
Phone: (210) 458-5659
Email Address: winsboro at cs dot utsa dot edu

Course Objective:

To become acquainted with techniques, goals, fundamental results, and current research issues in authorization, access control, trust negotiation, and related security systems.
To develop research skills such as the ability to read and understand computer science research literature, critical thinking, and articulation of one's ideas and analyses in both oral and written form.
To serve as an introduction to an area in which research opportunities exist at UTSA.

Course Description: Access control is one of the most important and pervasive security technique. It is used in almost all information systems where security is a concern. This course begins by introducing many of the fundamental results in access control. With this perspective, we then turn to trust negotiation, which is an approach to managing trust establishment in distributed environments such as networks that span multiple domains. In this context, much of the information about the requester of a service, which may be needed in order to decide whether the service should be authorized, is itself sensitive information that must be protected from unauthorized access. This creates a kind of chicken-and-egg situation where the very information needed for making access control decisions may itself be subject to access control. Many interesting protocols and negotiation strategies have been developed to enable authorization nevertheless to be granted. However this is an area where much work still needs to be done, making it of particular interest to students looking for thesis and dissertation topics. The course will additionally provide an introduction to the closely related area of Identity Management Systems.

This course does not significantly overlap with the course CS 6463 on trust management also taught by the instructor, nor does it require that or any other course as a prerequisite.

Course Activities:

Assignments. These may ask you to work some exercises, or to read a paper and either answer some questions about it or write a review or synopsis of the paper.
Paper presentations. Each student will be required to give one or two presentations summarizing papers assigned for the whole class to read.
Participation in discussions. The course will devote one or more lecture periods to each paper. Although our consideration of each paper will begin with a presentation of each paper by either the instructor or a student, the following discussion will require a high degree of student participation, particularly with respect to the assessment of the papers. Though the discussions will be lead by the instructor, all students will be expected to participate and to cooperate with the group as we strive to share a stimulating and insightful analytical experience. Note that attendance is mandatory.
Class project. Each student will complete a class project, the content of which will be agreed upon with the instructor. Typical examples would be to develop a small application by using one or more trust negotiation software packages, or to write a paper comparing and contrasting trust negotiation techniques and discussing their advantages and disadvantages. The project should be seen as an opportunity to taylor the course content to the taste of the individual student.

Grading:

Assignments: 25%
Paper presentations: 25%
Participation in discussion: 20%
Class project: 30%