Difference between revisions of "Soctech seminar, Winter 2005"

 
m (Reverted edit of 204.182.125.140, changed back to last version by 128.208.3.71)
 
(76 intermediate revisions by 11 users not shown)
Line 1: Line 1:
'''[[Society and technology]] seminar ideas'''
+
'''[[Society and technology]] seminar: CSE 590 SO, Tue 12:30-1:20, [http://www.washington.edu/students/maps/map.cgi?CSE CSE] 403'''
  
At the [[Soctech:Meeting of 2004-08-06|August 6 meeting]] we resolved to plan a seminar (in CSE lingo, a "590", after the course number under which irregular seminars are listed) for Fall 2004 or Winter 2005.
+
'''Winter 2005: Computer security: legal and technical perspectives'''
  
The topic for the first offering will be the cluster of issues surrounding intellectual property law and open source softwareWe've heard some noises to the effect that there's a Technology & Law Society in the law school that's interested in talking to people in technology fieldsAssuming, for the moment, that the Tech & Law people get on board, then the purpose of this seminar would be to get cross-disciplinary dialogue between those two fields in particular.
+
In recent years, the insecurity of networked computers has emerged as a major issue on the national stage.  Software security flaws regularly make headlines, and incur tremendous social costs in money, time, privacy, and peace of mindWhy isn't software secure?  What can be done to make it secure?  The answers to these questions require an understanding of both technological issues, and the universe of social and legal issues that surround the technology.  This course aims to bring together people from law, computer science, and other backgrounds, so that both groups can bring their expertise to bear on the problem.  Enrollment is open to all students, and no prior expertise in law or computer science is expected.
  
10 week schedule:
+
The course will be divided into two segments:
# intro: what do computer scientists and programmers do when they work?
+
#In the first half, we will provide an overview of the technology issues to people with non-computer science backgrounds, and an overview of the law to people with non-legal backgrounds.  The goal of these sessions will be to provide a foundation of shared knowledge to all students, so that later discussions can build on that knowledge.
# intro: how do lawyers think about IP law?
+
#In the second half, students will lead/facilitate discussion on a number of targeted topics where the law and technology interact.  Enrolled students will work with course organizers to prepare their presentation.  Classes in the second half will be discussion-driven to the extent possible.
# ?
+
 
# ?
+
==Administrative info==
# ?
+
Winter quarter course registration SLN is 9266; see the [http://www.washington.edu/students/timeschd/WIN2005/cse.html CSE winter quarter time schedule] for details.
# ?
+
 
# ?
+
Course grading and credit-load policies: Subject to change, but variable credits are available to meet differing levels of participation:
# ?
+
*Sign up for 1 credit if you plan to attend, do the readings, and participate in discussions.
# ?
+
*Sign up for 2 credits if you wish to lead a discussion/present, OR write a short paper.
# ?
+
*Sign up for 3 credits if you wish to either (a) lead a discussion/present, AND write a short paper, or (b) write one long paper.
 +
The course is listed on the schedule as credit/no-credit, but we are investigating a graded option as well; if you want to take the course as a graded course, then enroll so we can get an accurate head count, and ''email Ben (brd at u.washington.edu), Caroline (cmbenner at u.washington.edu), or Keunwoo (klee at cs.washington.edu) so that we can notify you if/when the graded option becomes available.''
 +
 
 +
==Schedule overview==
 +
* '''4 Jan''' tech intro: thinking about security (presenter: Keunwoo)
 +
::Reading: Lessig ch. 7
 +
::Keunwoo's presentation slides: [http://www.cs.washington.edu/education/courses/cse590so/05wi/presentations/cse590so-lecture1.pdf PDF], [http://www.cs.washington.edu/education/courses/cse590so/05wi/presentations/cse590so-lecture1.ppt PowerPoint]
 +
* '''11 Jan''' tech intro: basic concepts of computer systems, from a security perspective (presenter: Keunwoo)
 +
::Reading: Schneier ch. 8-10, 13 (in-class handout; contact Keunwoo if you need this)
 +
::Keunwoo's presentation slides: [http://www.cs.washington.edu/education/courses/cse590so/05wi/presentations/cse590so-lecture2.pdf PDF], [http://www.cs.washington.edu/education/courses/cse590so/05wi/presentations/cse590so-lecture2.ppt PowerPoint]
 +
* '''18 Jan''' technical aspects of improving computer systems (presenter: Keunwoo)
 +
::Reading: Parnas, [http://doi.acm.org/10.1145/214956.214961 Software Aspects of Strategic Defense Systems]
 +
::Keunwoo's presentation slides: [http://www.cs.washington.edu/education/courses/cse590so/05wi/presentations/cse590so-lecture3.pdf PDF], [http://www.cs.washington.edu/education/courses/cse590so/05wi/presentations/cse590so-lecture3.ppt PowerPoint]
 +
* '''25 Jan''' Law intro: property rules & liability rules (presenter: Ben Dugan)
 +
::Reading: Polinsky, ''An Introduction to Law and Economics'', Chapters 3, 4, 6.
 +
::Presentation slides (next 3 sessions): [http://www.cs.washington.edu/homes/dugan/law-boot-camp.pdf PDF]
 +
* '''1 Feb''' Law intro: understanding negligence, strict liability, products liability (presenter: Ben Dugan)
 +
::Reading: Polinsky, Chapters 10, 12, 13.
 +
* '''8 Feb''' Vendor Liability (presenter: Prof. Jane Winn (Law))
 +
::Reading: HIPAA Security Rule Overview [http://www.hipaadvisory.com/regs/securityoverview.htm], Gramm-Leach-Bliley Safeguards Rule [http://www.ftc.gov/bcp/conline/pubs/buspubs/safeguards.htm]
 +
* '''15 Feb''' certification processes: products, processes, people (presenter: Erika, David)
 +
::Reading:
 +
::*Schneier, [http://www.schneier.com/essay-024.html A Cyber Underwriter's Lab?]
 +
::*[http://www.acm.org/serving/se_policy/selep_main.html USACM position paper on licensing software engineers]
 +
::*Voas, [http://www.stsc.hill.af.mil/crosstalk/1998/11/voas.pdf The Software Quality Certification Triangle]
 +
* '''22 Feb''' security processes in the real world (presenter: Ira)
 +
::Reading: Recently released FDA document: [http://www.fda.gov/cdrh/comp/guidance/1553.html
 +
Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software], also [http://www.fda.gov/cdrh/consumer/geninfo.html General info on FDA regulation of medical devices]
 +
* '''1 Mar''' discussion
 +
::Homework: Watch Lazowska 12/02/04 lecture on cybersecurity, linked from [http://www.cs.washington.edu/education/courses/csep590tu/04au/lectures/ CSE 590 PTU 2004 lecture archive]
 +
* '''8 Mar''' criminal law (presenters: Floyd Short (law), Charlie Reis (CS))
 +
'''More in-depth planning and notes on the items above: see [[Software security seminar]]'''
 +
 
 +
==Mailing list==
 +
Visit
 +
:https://mailman.cs.washington.edu/mailman/listinfo/cse590so
 +
to sign up for the course mailing list.  You will need a UW NetID.  Contact Keunwoo if you have any difficulty signing up.
 +
 
 +
==Notes and discussion==
 +
*[[Topics the seminar could cover]]
 +
**Winter 2005: [[Software security]]
 +
**Spring 2005: [[Ebook seminar]]
 +
*[[Seminar planning--general discussion area]]
 +
*[[Action items]]
 +
*[[Agenda for upcoming meetings]]
 +
 
 +
 
 +
[[Category:Society and technology]]
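
Review bot: In the added "22 Feb" reading entry, the external link to the FDA guidance is split across a line break: one line ends with `[http://www.fda.gov/cdrh/comp/guidance/1553.html` and the label `Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software]` starts the next. A MediaWiki external link has to sit on a single line, so this one shows up as literal bracket text in the latest-revision view. Join the URL and its label onto the same `::Reading:` line so the link renders and the schedule list stays unbroken.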

Latest revision as of 01:05, 31 October 2005

Society and technology seminar: CSE 590 SO, Tue 12:30-1:20, CSE 403

Winter 2005: Computer security: legal and technical perspectives

In recent years, the insecurity of networked computers has emerged as a major issue on the national stage. Software security flaws regularly make headlines, and incur tremendous social costs in money, time, privacy, and peace of mind. Why isn't software secure? What can be done to make it secure? The answers to these questions require an understanding of both technological issues, and the universe of social and legal issues that surround the technology. This course aims to bring together people from law, computer science, and other backgrounds, so that both groups can bring their expertise to bear on the problem. Enrollment is open to all students, and no prior expertise in law or computer science is expected.

The course will be divided into two segments:

  1. In the first half, we will provide an overview of the technology issues to people with non-computer science backgrounds, and an overview of the law to people with non-legal backgrounds. The goal of these sessions will be to provide a foundation of shared knowledge to all students, so that later discussions can build on that knowledge.
  2. In the second half, students will lead/facilitate discussion on a number of targeted topics where the law and technology interact. Enrolled students will work with course organizers to prepare their presentation. Classes in the second half will be discussion-driven to the extent possible.

Administrative info

Winter quarter course registration SLN is 9266; see the CSE winter quarter time schedule for details.

Course grading and credit-load policies: Subject to change, but variable credits are available to meet differing levels of participation:

  • Sign up for 1 credit if you plan to attend, do the readings, and participate in discussions.
  • Sign up for 2 credits if you wish to lead a discussion/present, OR write a short paper.
  • Sign up for 3 credits if you wish to either (a) lead a discussion/present, AND write a short paper, or (b) write one long paper.

The course is listed on the schedule as credit/no-credit, but we are investigating a graded option as well; if you want to take the course as a graded course, then enroll so we can get an accurate head count, and email Ben (brd at u.washington.edu), Caroline (cmbenner at u.washington.edu), or Keunwoo (klee at cs.washington.edu) so that we can notify you if/when the graded option becomes available.

Schedule overview

  • 4 Jan tech intro: thinking about security (presenter: Keunwoo)
Reading: Lessig ch. 7
Keunwoo's presentation slides: PDF, PowerPoint
  • 11 Jan tech intro: basic concepts of computer systems, from a security perspective (presenter: Keunwoo)
Reading: Schneier ch. 8-10, 13 (in-class handout; contact Keunwoo if you need this)
Keunwoo's presentation slides: PDF, PowerPoint
  • 18 Jan technical aspects of improving computer systems (presenter: Keunwoo)
Reading: Parnas, Software Aspects of Strategic Defense Systems
Keunwoo's presentation slides: PDF, PowerPoint
  • 25 Jan Law intro: property rules & liability rules (presenter: Ben Dugan)
Reading: Polinsky, An Introduction to Law and Economics, Chapters 3, 4, 6.
Presentation slides (next 3 sessions): PDF
  • 1 Feb Law intro: understanding negligence, strict liability, products liability (presenter: Ben Dugan)
Reading: Polinsky, Chapters 10, 12, 13.
  • 8 Feb Vendor Liability (presenter: Prof. Jane Winn (Law))
Reading: HIPAA Security Rule Overview [1], Gramm-Leach-Bliley Safeguards Rule [2]
  • 15 Feb certification processes: products, processes, people (presenter: Erika, David)
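Reading:
    • Schneier, A Cyber Underwriter's Lab?
    • USACM position paper on licensing software engineers
    • Voas, The Software Quality Certification Triangle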
  • 22 Feb security processes in the real world (presenter: Ira)
Reading: Recently released FDA document: Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software (http://www.fda.gov/cdrh/comp/guidance/1553.html), also General info on FDA regulation of medical devices
  • 1 Mar discussion
Homework: Watch Lazowska 12/02/04 lecture on cybersecurity, linked from CSE 590 PTU 2004 lecture archive
  • 8 Mar criminal law (presenters: Floyd Short (law), Charlie Reis (CS))

More in-depth planning and notes on the items above: see Software security seminar

Mailing list

Visit

https://mailman.cs.washington.edu/mailman/listinfo/cse590so

to sign up for the course mailing list. You will need a UW NetID. Contact Keunwoo if you have any difficulty signing up.

Notes and discussion