COE 449---T071
Information security 

Catalog Description

Course Description

v       Principles and practice of network and internetwork security.

v       Mathematical principles of cryptography and data security.

v       Conventional and modern crypto systems.

v       Secure communication protocols.

v       Authentication and Digital Signatures.

v       Secure IP and SSL.

v       Modern applications like digital cash and secure distributed computing.

v       Operational aspects of computer and network security.

Course Objectives

Information security and cryptography provides the gateways through which electronic commerce will flow in the future Internet. Most technologies that shape tomorrow's society will be built around these gateways. These gateways will allow mass customization of information to individual and corporate consumers by letting people turn their driver's licenses into digital wallets that carry anything from electronic cash to credit lines, airline tickets, or medical prescriptions.

Information security technology provides the necessary tools and methods for the construction of this infrastructure in such a way that the privacy, ownership rights, and consumer rights of the participants are protected. We will study theoretical aspects of cryptographic algorithms and security protocols, and show how these techniques can be applied to solve particular data storage, networking, communication security, rights management problems.

Learning outcome

The student is expected to be knowledgeable of:

v       The theoretical aspects of cryptographic algorithms and protocols.

v       How theoretical crypto techniques can be integrated to solve particular information security problems.

v       The theoretical aspects providing integrity, confidentiality, and authenticity of documents and communicating parties.

v       Model, simulate, synthesize, and analyze information security systems. 

Selected References

  • Security in Computing, Pfleeger, C. and Pfleeger, S. (2003), 3rd Edition, Prentice Hall 

  • Hacking Exposed, S. McClure and George Kurtz,  5th Edition, McGraw Hill

  • Data Communications and Networking, 3/e. Behrouz A Forouzan, McGraw-Hill 2004

 

Grading Policy                     

Homework & Assignments

30%

Term paper

20%

Quizzes & attendance

Bonus

Exam I 

15%

Exam II

15%

Final

20%

                                                                    

Plagiarism, copying and other anti-intellectual behavior are prohibited by the university regulations. Violators may have to face serious consequences. 

Topics
Week  
1 08-09-07 Introduction
2 15-09-07 Social engineering

Online Attacks

HW1: Find 5 references about Secret Sharing: Years already discussed in class
You need to submit a hard copy and soft copy of the paper and list of references writing in the appropriate format.
Due Date Wednesday 26-09-07

3 22-09-07 Online Attacks

Malware

4 29-09-07

Physical Security

Communication security

Access Control

Monday: Meeting at RI in the security lab
We will meet at RI reception (first floor)

5 20-10-07 Access Control

Stegnography

HW: write a program that will store some data in a BMP image and another program that will retrieve the data from the image. use the least significant bit to store the data. Due date NOV 5th

Cryptography (Classical Cipher)

6 27-10-07 Cryptography (mathematical cipher)

Cryptography (Stream cipher,  RC4)

Cryptography (Block cipher cipher)

Cryptography (Block cipher cipher, DES)

EXAM I (Thursday NOV 1st 10am; 24-125)

7 03-11-07 Cryptography (AES)

Cryptography (public key)

8 10-11-07 Cryptography (RSA)

Hashing

9 17-11-07 Secret Sharing

Software reverse engineering

10 24-11-07 Firewalls
11 01-12-07 Program Security
12 08-12-07 EXAM II Saturday DEC 8th 2008

IP sec

13 29-12-07 Policy
14 05-01-08 Policy 2
15 12-01-08 Risk Management

Students Presentations (Tuesday 15th @ 7pm)

F 19-01-08 Final Examinations (Tuesday, January 22 2008 )

7:30 AM @ 24-106

F 26-01-08