Add to collection(s) Add to saved
  1. Business
  2. Management

Tutorials - Cal Poly Pomona

advertisement 
WTS 2008 Tutorials
T1: Wireless Network Security
A. Cryptographic Primitives for Secure Communication
Instructor: Professor Craig A. Rich, Ph.D., Computer Science
Department, Cal Poly Pomona
Abstract:
Achieving security through cryptographic techniques can be
mysterious. There is an alphabet soup of protocols and products;
many practitioners are left accepting vendors' security claims with
scant understanding of how security is achieved or what risks there
are. A large and potentially confusing variety of security solutions are
built from a relatively small number of primitive cryptographic
components.
This tutorial will introduce you to the basic cryptographic primitives,
and show how they're employed in some popular mechanisms for
secure communication. For each cryptographic primitive, we will
consider its intended uses, efficiency (or lack thereof), and potential
pitfalls. Simple schematic diagrams will be given for typical
deployments of Pretty Good Privacy (PGP) and WiFi Protected Access
(WPA), which are hybrid cryptosystems providing practical
authentication and privacy.
List of Topics:
Cryptographic Primitives
Random Number Generator
Hash Function
Message Authentication Code Function
Compression Function
Symmetric Cipher
Asymmetric Cipher
Illustrated Applications of Cryptographic Primitives
Pretty Good Privacy (PGP)
WiFi Protected Access (WPA)
Instructor's Biography:
Dr. Craig A. Rich is a Professor of Computer Science at Cal Poly
Pomona. He received an M.S. and Ph.D. in Computer Science from
Iowa State University. His academic areas of expertise include
computational complexity theory, language processing, cryptography
and secure communication. Dr. Rich is the principal architect of Cal
Poly Pomona's identity management infrastructure, which provides
unified authentication and authorization across the campus wired and
wireless networks and throughout centrally-provided services on
heterogeneous platforms. His current research interests include elliptic
curve cryptography and identity-based cryptosystems.
B. Wi-Fi Protected Access
Instructor: Professor Tim H. Lin, Ph.D., Electrical and Computer
Engineering Department, Cal Poly Pomona
Abstract:
Wireless network, with its convenience over the tangled wires in wired
network, has its inherent nemesis: the security problem. It is well
known that Wi-Fi is susceptible to attack on its WEP protocol. WPA is
the enhancement with key protocol TKIP to fix the problem on
deployed network cards using WEP, and WPA2 is a solution using more
sophisticated encryption protocol CCMP on the new network cards.
This tutorial will cover WEP and its RC4 cipher, how WEP is attacked,
the security concepts and protocols employed in WPA, the encryption
protocol CCMP based on AES used in WPA2, the authentication
protocol EAP for interoperability, and some real world practices of WAP
and WAP2.
List of Topics:



Wireless Network and Wireless Security
WEP (Wired Equivalent Privacy) and its flaw
o RC4 Stream Cipher
o WEP attack
WPA (Wi-Fi Protected Access)
o Encryption, Key, Authentication
o RC4 enhancement in WPA: Encryption
o TKIP (Temporal Key Integrity Protocol): Key
o MIC: Authentication

WPA2 (IEEE 802.11i)
o CCMP encryption protocol which is AES based
 AES

EAP (Extensible Authentication Protocol)
o EAP-TLS

WPA
o
o
o
/ WPA2 in real world
Wpa_supplicant software
WPA deployment
WPA performance
Instructor's Biography:
Dr. Tim Lin is a professor of Electrical and Computer Engineering at Cal
Poly Pomona. He received B.S. in Electrical Engineering and Ph. D. in
Mathematics from California Institute of Technology. Dr. Lin has
working experience in software industry on development and
management of software for more than 20 years, in aerospace and
commercial sectors. His academic areas of expertise include network
security, computer network, operating systems, Java, C++, and data
structures.
C. Computer Forensics Methodology – Protection After
Security Fails
Instructor: Assistant Professor Gregory H. Carlton, Ph.D., Computer
Information Systems Department, Cal Poly Pomona
Abstract:
It is largely understood that contemporary computing is conducted
within a networked environment, and as a result, much emphasis is
being placed on security practices to protect information assets. Given
the current emphasis on security, we must recognize that frequently
information systems fall victim to unauthorized access. While
continuously improving security techniques promise reduced risks of
unauthorized information exposure, computer forensics provides a
methodology to utilize data as evidence within the legal framework,
thus offering a method to hold those responsible for misusing the
technology accountable for their actions.
Computer forensics methodology must be utilized in order for
computer data to be accepted by the courts as evidence. This
methodology specifies procedures to acquire the original data in a
manner that ensures the authenticity of the evidence, and it provides
forensics computer examiners with physical data from which they can
reconstruct the logical activity that occurred and report their findings.
Computer forensics is a valuable tool available to individuals or
organizations that have fallen victim to information system security
breeches; however, this valuable tool is available only when the proper
methodology is followed to secure and process the data. Many
information technology professionals or managers responsible for
protecting the information technology assets of organizations are
unfamiliar with the essential first steps in forensically protecting data
after an event. This tutorial will introduce the computer forensics
methodology and provide you with the essential information needed to
prevent data from being inadmissible in a court of law.
List of Topics:
Computer Forensics Methodology
Data Acquisition
Data Analysis
Reporting
Instructor’s Biography:
Dr. Greg Carlton is an Assistant Professor of Computer Information
Systems at Cal Poly Pomona. He received his MBA and Ph.D. in
Communication and Information Sciences from the University of
Hawaii. His academic areas of interest include computer forensics and
management information systems. In addition to being an academic
in the field of computer forensics, he is also a practitioner with an
active caseload. He has been qualified as an expert witness, and he
has delivered expert testimony in court. Additionally, he has over 25
years of industry experience within the information technology
industry, including working for IBM and Hewlett-Packard.
Related documents
Hands-on with wifi security v2
Hands-on with wifi security v2
Ethnic Revolution
Ethnic Revolution
IME Student Learning Outcomes Corresponding
IME Student Learning Outcomes Corresponding
File
File
Tutorial 7 - Prince Sultan University
Tutorial 7 - Prince Sultan University
Academic Senate 11/26/2008 - Borough of Manhattan Community
Academic Senate 11/26/2008 - Borough of Manhattan Community
Scholarship Donor Information Form
Scholarship Donor Information Form
Configure Work Group Bridge
Configure Work Group Bridge
Information Systems and Internet Security (ISIS) Lab Some Recent
Information Systems and Internet Security (ISIS) Lab Some Recent
Chapter 3 (b) – Wireless LAN Security
Chapter 3 (b) – Wireless LAN Security
Download
advertisement