COSC 5130 Computer Security and Reliability

Webster University
Downtown Campus
Fall 2006
COSC 5130 – Computer Security & Reliability
Instructor: John J. Aleshunas
Office: Sverdrup 207 F
Phone: 314.961.2660 ext. 7565
E-mail: jalesh@webster.edu
Web page: mercury.webster.edu/aleshunas
Course Description
Students in this course will study the techniques for protecting data within a computer and
protecting data as it moves through a network. Data and system security and reliability will
be considered in a distributed environment. Topics will include encryption, authentication
and digital signatures, threats to the computer system, and system reliability.
Incoming Competency
Prospective students must have successfully completed COSC 5110 Network
Architecture.
Objectives
Students should
1. Learn conventional encryption schemes using the DES model.
2. Understand the design issues for the selection and use of encryption
protocols for providing confidentiality.
3. Learn the principles for analyzing public-key cryptography.
4. Learn approaches to the use of authentication and digital signature
techniques.
5. Learn to anticipate threats to the computer system and develop
procedures for computer recovery.
6. Learn the principles for analyzing system reliability.
7. Learn the techniques and methods used for cryptanalysis.
Learning Outcomes
At the completion of this course, each student will be able to:
1. Describe conventional encryption schemes.
2. Explain the design issues for the selection and use of encryption protocols for
providing confidentiality.
3. Summarize the principles for analyzing public-key cryptography.
4. Illustrate approaches to the use of authentication and digital signature techniques.
5. Explain how to anticipate threats to the computer system and develop procedures for
computer recovery.
6. Describe the principles for analyzing system reliability.
7. Summarize the techniques and methods used for cryptanalysis.
Schedule
Week 1
Course overview
Introduction to computer security and attacks
Conventional encryption
Classical techniques
Steganography
Monoalphabetic Ciphers
Polyalphabetic Ciphers
Transposition Techniques
Rotor Machines
Modern techniques
Simplified DES
Block Cipher Principles
Differential and Linear Cryptanalysis
The Data Encryption Standard
The Strength of DES
Text:
Ch 1 – Overview
Ch 2 – Classical Encryption Techniques
Ch 3 – Block Ciphers and the Data Encryption Standard
Discussion of individual research papers
Week 2
The Mathematics of Finite Fields
Modular and Polynomial Arithmetic
The Advanced Encryption Standard (AES)
Triple DES
International Data Encryption Algorithm
Example Algorithms
Characteristics of Advanced Symmetric Block Ciphers
Traffic Confidentiality
Key Distribution
Random Number Generation
Text:
Ch 4 – Finite Fields
Ch 5 – Advanced Encryption Standard
Ch 6 – More on Symmetric Ciphers
Ch 7 – Confidentiality Using Symmetric Encryption
Week 3
Prime and Relatively Prime Numbers
Testing for Primality
Discrete Logarithms
Principles of Public-Key Cryptosystems
The RSA Algorithm
Diffie-Hellman Key Exchange
Text:
Ch 8 – Introduction to Number Theory
Ch 9 – Public-Key Cryptography and RSA
Ch 10 – Key Management; Other Public-Key Cryptosystems
Week 4
Exam
Week 5
Authentication Requirements
Authentication Functions
Hash Functions
MD5 Message Digest Algorithm
Secure Hash Algorithm (SHA-1)
Digital Signatures
Authentication Protocols
Digital Signature Standard
Text:
Ch 11 – Message Authentication and Hash Functions
Ch 12 – Hash and MAC Algorithms
Ch 13 – Digital Signatures and Authentication Protocols
Week 6
Kerberos
X.509 Authentication Service
Pretty Good Privacy
S/MIME
IP Security Architecture
Authentication Header
Combining Security Associations
Text:
Ch 14 – Authentication Applications
Ch 15 – Electronic Mail Security
Ch 16 – IP Security
Week 7
Web Security Considerations
Secure Sockets Layer and Transport Layer Security
Secure Electronic Transactions
Intruders and Intrusion Detection
Viruses and Related Threats
Firewall Design Principles
Trusted Systems
Text:
Ch 17 – Web Security
Ch 18 – Intruders
Ch 19 – Malicious Software
Ch 20 – Firewalls
Week 8
Presentation of individual papers
Week 9
Exam
Text
Stallings, William, Cryptography and Network Security: Principles and Practice,
Fourth Edition, Prentice-Hall, Inc., Upper Saddle River, New Jersey 07458, 2002, ISBN:
0-13-187316-4
General
In this course, you will actively participate in the study of network and system security design
principles. Your emphasis, as graduate students, should be on discovery and implementation and
not on simple memorization of facts. You will be expected to read the assigned chapters and to
actively participate in the class discussions. Those discussions, as well as the individual projects,
will provide you a practical means to clearly comprehend network and system security.
The homework assignments will be worth very few grade points (this implies low risk). Their main
purpose is to help me assess your understanding of the course material and the presentation
pace. They also provide you the side benefit of pointing out what the key concepts of the material
are.
We will have two exams: a mid-term in week 4 and a final in week 9. The mid-term exam will
cover all of the material from the first three weeks. Because this course develops the subject
material from what’s presented earlier in the course, the final exam will be a comprehensive test
of all the material from weeks 1 through 7.
Individual Research Projects
The individual research project provides you the opportunity to experiment with a selected security
topic. You may select any research topic, subject to my approval. Remember, we are trying to
gain competency in encryption and systems security, and some areas, for example, where the
problem domain is not constrained and well understood, may not be as productive as others.
Additionally, I want to expose you to a variety of security topics.
You can choose to conduct research and publish your findings in a research paper (approximately
ten double-spaced pages) or develop a working experiment with a security technique or algorithm
and publish your findings in a report (approximately five double-spaced pages). You will conclude
your project with a presentation in week 8. Use the APA (American Psychological Association)
style to format your paper and its reference citations.
This is a formal paper, and it requires a formal presentation. This is an opportunity for you to
share your work with the class. Plan to take ten minutes to present your work, before questions
and comments. Don’t read your paper. Determine the most important and interesting parts of your
paper for the presentation (three items at most). It is not necessary to include everything in the
paper in your presentation, and in fact, there will not be time to do so. You must use PowerPoint
as a presentation aid in your presentation. If you choose to do a research project, present a
demonstration of your work.
Grading
Your grade will be compiled from each of the class evaluation components in the following
proportions:
Mid-term Exam       25%
Final Exam          25%
Homework            10%
Research Project    40%
Total              100%
The course grading requirements are:
93 to 100%    A
90 to 92%     A-
87 to 89%     B+
83 to 86%     B
80 to 82%     B-
77 to 79%     C+
70 to 76%     C
Below 70%     F