Lecturer	Clark Thomborson
Office hours	Mon 2-3pm and Wed 3-4pm, in room 303S.593
Scheduled lectures	Time Room Monday 12-1pm 303S.279 Wednesday 4-5pm 303S.279 Friday 3-4pm 303S.279
Assessment	60% examination, 25% project, 15% seminar.
Exam date	(to be advised)
Texts recommended	Mark Stamp, Information Security: Principles and Practice, John Wiley & Sons, Inc., September 2005, ISBN: 0-471-73848-4. Students will read approximately 30 technical articles during the first eight weeks of this paper. These will be the basis of our in-class discussions. Most of these articles are available online; I will hand out hardcopies of the other articles. Please note that the licenses of some of our Library's online databases do not grant permission to make additional copies, even for classroom use.  Students will have to download these articles through http://www.library.auckland.ac.nz/.
Description	Software security is taking on new importance as e-commerce moves from hype to reality. Software systems are susceptible to a variety of attacks including eavesdropping, playback, denial of service, and unauthorised use. In this paper we will survey the field of software security, with a particular focus on technical and legal means for protection against unauthorised use. Topics include denial of service, privacy violations, primary and collateral damage; eavesdropping, playback, binary tampering during delivery, introduction of hostile code, malicious hosts; unauthorised use by copying, dongle mimicry, decompilation and recompilation, reverse engineering; software patents, copyrights, trade secrets; sandbox, blackbox, and cryptographic security; steganography; obfuscation, robust and fragile watermarks, fingerprints.
Policy on Cheating and Plagiarism	The University of Auckland will not tolerate cheating, or assisting others to cheat, and views cheating in coursework as a serious academic offence. The work that a student submits for grading must be the student's own work, reflecting his or her learning. Where work from other sources is used, it must be properly acknowledged and referenced. This requirement also applies to sources on the world-wide web. A student's assessed work may be reviewed against electronic source material using computerised detection mechanisms. Upon reasonable request, students may be required to provide an electronic version of their work for computerised review. See http://www.cs.auckland.ac.nz/CheatingPolicy.php for more information.