TC2010 : Computer and Information Security Academic department: Tecnologías Computacionales C - L - U: 3 - 0 - 8 Programs: 6 ISC05, 6 ISI05, 6 ITC05 Prerequisites: ( TC2002 and TC2008 ) Equivalences: None. Course intention within the general study plan context: Intermediate level course, that when the student completes he will have acquires the competencies needes to perform the activities of his discipline in a safe way and guarantee confidentiality, integrity, and information availabiity. As course learning result the student will: Present a basic safe policy of a determined organization. Elaborate a report of the vulnerabilities detected in a computer and propose the actions needes to mitigate them. Present a report explaining the information produced by the IDS and propose a mixture of the generic "firewall" rules to mitigate the identified attacks. Elaborate a report that identifies, in a prototypical scenario, if the present informatics security legislation is being complied with. Course objective: At the end, the student will have a general vision of informatics security with the necessary foundations to understand the risks, threats, vulnerabilities at with computational systems are faced, besides, the controls and methods of protection against possible attacks, that are necessary to the correct functioning of this systems in modern business. Additional to this, the student will be presented an introduction of the actual state of the laws that are incumbent on the security of information systems in the national and international environment Course topics and subtopics: 1. Basic concepts a. Definition of informatics security b. Physical security vs. Logical security c. Objectives of informatics security d. Treats, vulnerabilities and risks 2. Strategies of informatics security a. Risk analysis b. Security policies c. Security mechanisms d. Results evaluation 3. Informatics security mechanisms a. Prevention mechanisms b. Detection mechanisms c. Restore mechanisms 4. Actors in informatics security a. Hackers and crackers b. White-hat, black-hat, gray-hat. c. Phreakers, script-kiddies, lammers, newbies. 5. Informatics security certifications a. Individuals oriented certifications: CISSP, CISM, GIAC. b. Business oriented certifications: BS-17799, ISO 27001. c. Products oriented certifications: Orange Book, Common Criteria. 6. Basic a. b. c. concepts of security policies Policies definitions Standards definitions Lineaments definitions 7. Risks a. b. c. d. e. analysis Definitions Organizations assets Identifications of risks an treats of an organization Relation between assets, risks and acceptance levels Cost prevention and cost of remedy calculations 8. Security policies creation a. Best practices to create a security policy 9. Cryptology a. Cryptology and cryptanalysis b. Elements of a cryptosystems c. Objectives of cryptology d. Symmetric and asymmetric cryptology 10.Symmetric cryptology a. Symmetric cryptology flow b. Cryptosystems in flow examples c. Symmetric cryptology in by blocks d. Systematic attacks to cryptosystems e. Disadvantages of symmetric cryptology 11.Asymmetric cryptology a. Characteristic of asymmetric cryptology b. c. d. e. f. g. Algorithms of keys exchange Examples of algorithms for keys exchange Cipher asymmetric algorithms Examples of algorithms of asymmetric ciphering Attacks to asymmetric cryptosystems Hybrids ciphering systems 12.Cryptology and information integrity a. One way functions b. Examples of one way functions c. Attacks to one way functions (birthday attacks) 13.Cryptography and authentication a. Digital signature b. Standards of digital signatures: RSA y DSS. c. Message authentication codes (MAC). 14.PKI. a. b. c. d. PKI definitions Certificates Certifications authorities Trust relations 15.Private Virtual Networks (VPN). a. Definition b. Tunneling concept c. SSL protocol d. IPSec protocol e. SSH protocol. 16.Protocol analyzers a. Analyzers and sniffers. b. Functions of protocols analyzers c. Active protocol Analyzers vs. Passive Protocol Analyzers d. Example and use of a passive analyzer e. Example and use of an active analyzer 17.Vulnerabilities analyzers a. Characteristics of vulnerabilities analyzers b. Functions of a vulnerability analyzer c. Installation analyzer and use of a vulnerabilities analyzer 18.Firewalls. a. Firewall characteristics b. Firewall types: packages filtering, stateful and proxies. c. Elements of a secure architecture: bastion-host, dual-homed host, screened-host, screened-net. d. Personal firewalls e. Example of installation and configuration of personal firewalls 19.Intruders detection systems a. Characteristics of an IDS b. Kinds of IDS: host and network c. Paradigm of intruders detection: signatures vs inference d. Honeypots e. Example and installation of IDS 20.Malicious code a. Characteristics of Malicious code b. Kinds of Malicious code: virus, spyware, spam, rootkits, etc. c. Vectors of Malicious code attacks 21.Application level attacks a. Buffer overflow. b. SQL insertion. c. XSS attacks. 22.Mitigation methodologies a. Antivirus, antispyware, antispam and other software of Malicious code prevention b. buffer overflow prevention. c. SQL and XSS attacks prevention. 23.Mexican legislation a. Mexican legislation related with informatics security b. Mexican legislation related with e-commers c. Firma Electrónica Avanzada: Fiel. d. Standar NOM-151 for documents secured storage 24.International legislation a. International standars b. RFC 1087 c. Comparison between Mexican an international legislation 25.Future trends a. Oportunities of research in informatics security b. Main informatics securyt publications c. Main informatics security websites d. Main informatics security research congress Teaching and learning techniques: Problems based learning Bibliography: TEXT BOOKS: * Rick Lehtinen, Computer Security Basics, 2 edition, O´Reilly, , , , 9780596006693 * Ferguson, Niels., Practical cryptography / Niels Ferguson, Bruce Schneier., , New York : Wiley, c2003., , , , 047122894X (acid-free paper)0471223573 (pbk. : aci * Nitesh Dhanjani, Justin Clarke, Network Security Tools, Writting, Hacking, , Wiley, , , , 978-0596007942 Academic credentials required to teach the course: · Academic Degrees: Master's degree in Computational Sciences; Doctoral degree in Computational Sciences; Master's degree in Information Technologies; Doctoral degree in Information Technologies. Abstract, key words: Security, Cryptography, Malicious code, Risk analysis, Security tools. Language of Instruction: Spanish