Soctech seminar, Winter 2005

From PublicWiki
Revision as of 01:05, 31 October 2005 by Keunwoo (talk | contribs) (Reverted edit of, changed back to last version by

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Society and technology seminar: CSE 590 SO, Tue 12:30-1:20, CSE 403

Winter 2005: Computer security: legal and technical perspectives

In recent years, the insecurity of networked computers has emerged as a major issue on the national stage. Software security flaws regularly make headlines, and incur tremendous social costs in money, time, privacy, and peace of mind. Why isn't software secure? What can be done to make it secure? The answers to these questions require an understanding of both technological issues, and the universe of social and legal issues that surround the technology. This course aims to bring together people from law, computer science, and other backgrounds, so that both groups can bring their expertise to bear on the problem. Enrollment is open to all students, and no prior expertise in law or computer science is expected.

The course will be divided into two segments:

  1. In the first half, we will provide an overview of the technology issues to people with non-computer science backgrounds, and an overview of the law to people with non-legal backgrounds. The goal of these sessions will be to provide a foundation of shared knowledge to all students, so that later discussions can build on that knowledge.
  2. In the second half, students will lead/facilitate discussion on a number of targeted topics where the law and technology interact. Enrolled students will work with course organizers to prepare their presentation. Classes in the second half will be discussion-driven to the extent possible.

Administrative info

Winter quarter course registration SLN is 9266; see the CSE winter quarter time schedule for details.

Course grading and credit-load policies: Subject to change, but variable credits are available to meet differing levels of participation:

  • Sign up for 1 credit if you plan to attend, do the readings, and participate in discussions.
  • Sign up for 2 credits if you wish to lead a discussion/present, OR write a short paper.
  • Sign up for 3 credits if you wish to either (a) lead a discussion/present, AND write a short paper, or (b) write one long paper.

The course is listed on the schedule as credit/no-credit, but we are investigating a graded option as well; if you want to take the course as a graded course, then enroll so we can get an accurate head count, and email Ben (brd at, Caroline (cmbenner at, or Keunwoo (klee at so that we can notify you if/when the graded option becomes available.

Schedule overview

  • 4 Jan tech intro: thinking about security (presenter: Keunwoo)
Reading: Lessig ch. 7
Keunwoo's presentation slides: PDF, PowerPoint
  • 11 Jan tech intro: basic concepts of computer systems, from a security perspective (presenter: Keunwoo)
Reading: Schneier ch. 8-10, 13 (in-class handout; contact Keunwoo if you need this)
Keunwoo's presentation slides: PDF, PowerPoint
  • 18 Jan technical aspects of improving computer systems (presenter: Keunwoo)
Reading: Parnas, Software Aspects of Strategic Defense Systems
Keunwoo's presentation slides: PDF, PowerPoint
  • 25 Jan Law intro: property rules & liability rules (presenter: Ben Dugan)
Reading: Polinsky, An Introduction to Law and Economics, Chapters 3, 4, 6.
Presentation slides (next 3 sessions): PDF
  • 1 Feb Law intro: understanding negligence, strict liability, products liability (presenter: Ben Dugan)
Reading: Polinsky, Chapters 10, 12, 13.
  • 8 Feb Vendor Liability (presenter: Prof. Jane Winn (Law))
Reading: HIPAA Security Rule Overview [1], Gramm-Leach-Bliley Safeguards Rule [2]
  • 15 Feb certification processes: products, processes, people (presenter: Erika, David)
  • 22 Feb security processes in the real world (presenter: Ira)
Reading: Recently released FDA document: [

Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software], also General info on FDA regulation of medical devices

  • 1 Mar discussion
Homework: Watch Lazowska 12/02/04 lecture on cybersecurity, linked from CSE 590 PTU 2004 lecture archive
  • 8 Mar criminal law (presenters: Floyd Short (law), Charlie Reis (CS))

More in-depth planning and notes on the items above: see Software security seminar

Mailing list


to sign up for the course mailing list. You will need a UW NetID. Contact Keunwoo if you have any difficulty signing up.

Notes and discussion