Soctech seminar, Winter 2005
Winter 2005: Computer security: legal and technical perspectives
In recent years, the insecurity of networked computers has emerged as a major issue on the national stage. Software security flaws regularly make headlines, and incur tremendous social costs in money, time, privacy, and peace of mind. Why isn't software secure? What can be done to make it secure? The answers to these questions require an understanding of both technological issues, and the universe of social and legal issues that surround the technology. This course aims to bring together people from law, computer science, and other backgrounds, so that both groups can bring their expertise to bear on the problem. Enrollment is open to all students, and no prior expertise in law or computer science is expected.
The course will be divided into two segments:
- In the first half, we will provide an overview of the technology issues to people with non-computer science backgrounds, and an overview of the law to people with non-legal backgrounds. The goal of these sessions will be to provide a foundation of shared knowledge to all students, so that later discussions can build on that knowledge.
- In the second half, students will lead/facilitate discussion on a number of targeted topics where the law and technology interact. Enrolled students will work with course organizers to prepare their presentation. Classes in the second half will be discussion-driven to the extent possible.
Winter quarter course registration SLN is 9266; see the CSE winter quarter time schedule for details.
Course grading and credit-load policies: Subject to change, but variable credits are available to meet differing levels of participation:
- Sign up for 1 credit if you plan to attend, do the readings, and participate in discussions.
- Sign up for 2 credits if you wish to lead a discussion/present, OR write a short paper.
- Sign up for 3 credits if you wish to either (a) lead a discussion/present, AND write a short paper, or (b) write one long paper.
The course is listed on the schedule as credit/no-credit, but we are investigating a graded option as well; if you want to take the course as a graded course, then enroll so we can get an accurate head count, and email Ben (brd at u.washington.edu), Caroline (cmbenner at u.washington.edu), or Keunwoo (klee at cs.washington.edu) so that we can notify you if/when the graded option becomes available.
- tech intro: thinking about security
- Reading: Lessig ch. 7
- tech intro: software development and software reliability
- Schneier ch. 8-10, 13 (in-class handout; contact Keunwoo if you need this)
- Parnas, Software Aspects of Strategic Defense Systems
- technical aspects of improving computer systems
- law intro: contracts & torts
- law intro: economic legal philosophy
- vendor liability
- certification processes: products, processes, people
- criminal law approaches?
- public policy approaches
- quality of information in the computer security market
More in-depth planning and notes on the items above: see Software security seminar