The course is held over six weeks and will provide the following:
- Five modules covering 14 topic areas with 12 hours of video
- Assessments to reinforce key learning concepts of each module
- Case studies
- Discussion forums for participants to discuss thought-provoking questions posed by the MIT faculty teaching the course; share, engage, and ideate with other participants
- Community Wiki for sharing additional resources, suggested readings, and related links
Participants will also take away:
- Program materials: PDFs of faculty PowerPoint presentations, and resources presented in the course Wiki.
- 90 day access to the archived course (includes videos, discussion boards, content, and Wiki)
- Complete Course Transcript: In addition to synchronized video transcripts, participants will also receive a compiled transcript of all course lectures.
Taking into consideration various time zones, this course is self-paced with online accessibility 24/7. Lectures are pre-taped and you can follow along when you find it convenient as long as you finish by the course end date. You may complete all assignments before the course end date, however, you may find it more beneficial to adhere to a weekly schedule so you can stay up-to-date with the discussion forums. There are approximately two hours of video every week. Most participants will spend about four hours a week on course-related activities.
Please note that the edX platform uses Coordinated Universal Time (UTC), which is 5 hours ahead of Eastern Standard Time (EST) and 4 hours ahead of Eastern Daylight Time (EDT). To convert times to your local time zone, please use the following tool: http://www.timeanddate.com/worldclock/converter.html
In order to access our courses, you must have a connection to the Internet. Videos are only available via online streaming - you will not be able to download videos for viewing offline. Please take note of your company's restrictions for viewing content and/or firewall settings.
Our courseware works best with current versions of Chrome, Firefox, or Safari, or with Internet Explorer version 10 and above. For the best possible experience, we recommend switching to an up-to-date version of Google Chrome. If you do not have Chrome installed you can get it for free here:http://www.google.com/chrome/browser/
We are unable to fully support access with mobile devices at this time. While many components of your courses will function on a mobile device, some may not.
Modules, Topics, and Faculty
MODULE ONE: Introduction
The introductory module aims to give a broad survey of the course and of cybersecurity challenges and opportunities.
Introduction: Cybersecurity (Howard Shrobe)
- Learning from the past: Multics
- Examples of what can go wrong
- Capability architectures
- Tagged architectures, including Memory safety, Type safety, Information flow, and “Zero Kernel”
Security Overview (Srini Devedas)
- Why security is a hard goal to achieve
- Broad strategies that one can employ to create secure systems
MODULE TWO: Systems Security
The systems security module surveys the system development side of cybersecurity.
Hardware Architectures for Security (Howard Shrobe)
- How novel hardware architectures can help to enforce the security properties that Operating Systems and Programming Languages expect, including memory safety, type safety, information flow, and access control
- How to enforce properties in hardware can be much more systematic and dramatically more efficient than enforcement by software alone
Operating Systems Security (Frans Kaashoek)
- Taking a global, systems-wide view of security. Viewing security as a "negative goal," considering all possible paths to security breaches- permissions, access, trojans, bugs, and many others
- Discussion of various design approaches to securing systems, including complete mediation, separation privilege, and minimizing the trusted computer base
Verifying Systems (Adam Chlipala)
- How to formulate requirements on secure behavior of C-like programs as rigorous logical formulas
- How to argue that programs meet such requirements
Secure Programming Languages (Armando Solar Lezama)
- Languages and low-level security properties
- Languages and high-level security properties
- Type safety
MODULE THREE: Cryptography and Network
This module is on algorithms for secure computation and security challenges in network and protocol design.
Public Key Cryptography (Ron Rivest)
- A quick overview of basic public-key cryptography, including
the RSA and El-Gamal public-key cryptosystems, relevant
number theory, security definitions, and complexity assumptions
- A brief intro to more advanced notions, such as digital signatures,
certificates, homomorphic encryption, and elliptic curves
Multi-party Computation, Secret Sharing, Distributed Trust (Shafi Goldwasser)
- A cryptographic paradigm shift: from communication of private data to computation over private data
- How to define secure multiparty computation and its applications
- How to achieve multi-party secure computation through polynomial secret sharing and computation on shares
- Using the principles of multiparty computation to distribute trust and power
Homomorphic and functional encryption (Vinod Vaikuntanathan)
- Solving the all or nothing paradigm of encryption - how do we keep data secure, while allowing computations on underlying data: how to “have your cake and eat it too”
- Discussion on the developments in homomorphic encryption from the ‘80s through today, and constructing partially and fully homomorphic crypto-systems
How functional encryption systems can grant third-party access to only the precise information it needs to perform a task
Network Security and Protocol Design (Dave Clark)
- What the different aspects of network security are and what mechanisms are used to address them
- Why the current state of network security is so poor
MODULE FOUR: Case Studies
This systems module discusses solutions to security in several domains.
Bitlocker (Nickolai Zeldovich)
- Discussion of the challenges of building a disk encryption system using passwords, removable devices and trusted hardware methods
- Overview of the Trusted platform method and case study of how BitLocker uses this method
- How BitLocker actually encrypts data using the ‘poor man’s authentication’ method
Resilient Software (Martin Rinard)
- An explanation of how errors can cause serious security vulnerabilities using examples of buffer and integer overflow errors
- Overview of methods to automatically find and patch these errors, including transferring correct code from one application to another, and generating patches to identify errors and produce the correct output
- Discussion of how automating these difficult and expensive manual tasks can produce software that is more reliable and secure, with enhanced functionality
Web security (Daniel Jackson)
- What makes web applications especially vulnerable to attack
- How attacks against web applications work: two broad classes
- How to defend against attacks, at the design and implementation levels
Mobile Phone Security (Nickolai Zeldovich)
- Discussion of the unique characteristics of a mobile phone that necessitate different applications from existing desktop or web applications
- Case study of how computer system security works in mobile phones, using the Android's application model, and mechanisms used by Android to secure data while allowing applications to share information
- A look back on Android’s development: What worked? What didn’t work? What changes have been made to overcome challenges?
MODULE FIVE: Policy
This systems module discusses policy aspects of cybersecurity.
Management, Strategy and Organizational Issues (Michael Siegel)
- Security of conventional information systems is recognized as important, but is still not fully effective.
- The number and magnitude of recent cyber-attacks (Target, Home Depot, SONY, etc.) is growing weekly. Also there is growing concerns for the security of our Cyber-Physical Infrastructure and increase exposure from the IoT (Internet of Things).
- At the same time it has become more apparent that people represent the weakest link in the security stack. In this module we examines managerial, strategic and organizational issues that can help improve performance and reduce the growing cyber threat.
The Landscape of Cyber Policy (Danny Weitzner)
- Inquiring into the role public policy plays in sustaining and securing the Internet
- Reviewing six key policy goals embodied in today’s digital communications environment, how they arose, and what keeps them on track
- Exploring the way progress requires policymakers to understand the background against which new rules are made
Who can register for this course?
Unfortunately, US sanctions do not permit us to offer this course to learners in or ordinarily residing in Iran, Cuba, Sudan, and the Crimean region of Ukraine. MIT Professional Education truly regrets that US sanctions prevent us from offering all of our courses to everyone, no matter where they live.
What do I need to do to register for the course?
Go to mitxpro.mit.edu and click on the program title. Then click “Enroll Now.” You may be prompted to first register for a MIT xPRO account if you do not have one already. Complete this process, then continue with checkout and pay for the course. After you complete registration, you will receive a purchase receipt and confirmation/instructions via email.
How do I register a group of participants?
For a group of 5 or more individuals, you can pay via invoice. To be invoiced, please email email@example.com with the number of individuals in your group, and instructions to register will be provided. Please note that our payment terms are net zero, and all invoices must be paid prior to the course start date. Failure to remit payment before the course begins will result in removal from the course. No extensions or exceptions will be granted.
What is the registration deadline?
Individual registrations must be completed by October 23, 2017. For group sales, purchases can take place up until October 22, 2017. Please note that once registration has closed, no late registrations or cancellations will be granted.
How should I pay?
Individual registrants must complete registrations and pay online with a valid credit card at the time of registration. MIT xPRO accepts globally recognized major credit or debit cards that have a Visa, MasterCard, Discover, American Express or Diner's Club logo.
Invoices will not be generated for individuals, or for groups of less than 5 people. However, all participants will receive a payment receipt. Payment must be received in full; payment plans are not available.
When will I get access to the course site?
Instructions for accessing the course site will be sent to all paid registrants via email prior to the program start date. If you have not received these instructions, visit your account dashboard to login and begin the course on the advertised start date.
I need to cancel my registration. Are there any fees?
Cancellation requests must be submitted to firstname.lastname@example.org. Cancellation requests received after October 23, 2017 will not be eligible for a refund. To submit your request, please include your full name and order number in your email request. Refunds will be credited to the credit card used when you registered and may take up to two billing cycles to process. MIT xPRO and edX have no obligation to issue a refund after October 23, 2017.
Can I transfer/defer my registration for another session or course?
Admission and fees paid cannot be deferred to a subsequent session; however, you may cancel your registration and reapply at a later date.
Can someone else attend in my place?
We cannot accommodate any substitution requests at this time. Please review the time commitment section and course schedule
How do I know if this course is right for me?
Carefully review the course description page, which includes a description of course content, objectives, and target audience, and any required prerequisites.
Are there prerequisites or advance reading materials?
MIT xPRO strongly recommends a bachelor’s degree in computer science and three years’ minimum work experience, but the course is open to any interested participant. No advance reading is required.
What is the time commitment of this course?
MIT xPRO programs are designed to fit the schedules of busy professionals. That’s why each course is self-paced and available online 24 hours a day, 7 days a week. This course is held over six weeks, and is entirely asynchronous. Lectures are pre-taped and you can follow along when you find it convenient, as long as you finish all required assignments by assigned due date at the end of the course. While you may complete all the assignments in rapid succession, most participants find it beneficial to adhere to the weekly schedule and participate in online discussion forums along the way. There are approximately two hours of video every week. You will spend additional time on multiple choice assessments, readings, and discussion forums. Most participants will spend about 3 - 4 hours a week on course-related activities.
How many hours per week will I have class or homework?
There are approximately two hours of video every week. You will spend additional time on multiple choice assessments, readings, and discussion forums. Most participants will spend about four hours a week on course-related activities.
How long will the course material be available online?
The materials will be available to registered and paid participants for 90 days after the course end date, December 12, 2017. No extensions may be granted.
What reference materials will be available at the end of the course?
Participants will have 90-day access to the archived course (includes videos, discussion boards, content, and Wiki).
What materials will participants keep at the end of the course?
Participants will take away program materials: PDFs of faculty PowerPoint presentations, and resources presented in the course Wiki.
Will I receive an MIT xPRO Certificate?
Participants who successfully complete the course and all assessments will receive a Certificate of Completion. This course does not carry MIT credits or grades, however, an 80% pass rate is required in order to receive a Certificate of Completion.
Will I receive MIT credits?
This course does not carry MIT credits. Participants may not imply or state in any manner, written or oral, that MIT or MIT xPRO is granting academic credit for enrollment in this professional course. None of our programs award academic credit or degrees. Letter grades are not awarded for this course.
After I complete this course, will I be an MIT alum?
Participants who successfully complete an online course are considered MIT xPRO Alumni. Only those who complete an undergraduate or graduate degree are considered MIT alumni.
Are video captions available?
Each video for this course has been transcribed and the text can be found on the right side of the video when the captions function is turned on. Synchronized transcripts allow students to follow along with the video and navigate to a specific section of the video by clicking the transcript text. Students can use transcripts of media-based learning materials for study and review.
Access our courses requires an Internet connection, as videos are only available via online streaming, and cannot be downloaded for offline viewing. Please take note of your company's restrictions for viewing content and/or firewall settings. Or courseware works best with current versions of Google Chrome, Firefox, or Safari, or with Internet Explorer version 10 and above. For the best possible experience, we recommend switching to an up-to-date version of Chrome. If you do not have Chrome installed, you can get it for free here: http://www.google.com/chrome/browser/
We are unable to fully support access with mobile devices at this time. While many components of your courses will function on a mobile device, some may not.
I have never taken a course on the edX platform before. What can I do to prepare?
Prior to the first day of class, participants can take a demonstration course
on edx.org that was built specifically to help students become more familiar with taking a course on the edX platform.
What are the technical requirements to participate in this course?
Our courseware works best with current versions of Google Chrome, Firefox, or Safari, or with Internet Explorer version 10 and above. For the best possible experience, we recommend switching to an up-to-date version of Chrome. If you do not have Chrome installed, you can get it for free here: http://www.google.com/chrome/browser/