
Course: Computer Science 427/527 Title: Computer Security (3 credits)



  1. Administrative Detail
     Course: Computer Science 427/527
     Title: Computer Security (3 credits)
     Meets: Tuesday/Thursday; 4:15 - 5:30 pm
     Where: WHETS (West 224 in Richland)
     Instructor: Robert E. Mahan, Pacific Northwest National Laboratory
     Phone: 375-2475 (work); 627-4336 (home)
     E-mail: robert.mahan@pnl.gov or robertmahan@charter.net
     Class web site: www.tricity.wsu.edu/~cs427
     Can also contact me by calling WHETS control in Richland at or near the end of the class period.

  2. Class Text
     Stallings, William, “Cryptography and Network Security, Principles and Practice”, 3rd edition, Prentice Hall, 2003.
     Supplementary Texts
     Schneier, Bruce, “Applied Cryptography”, 2nd edition, Wiley, 1996. Outstanding and includes algorithms and source code in “C”.
     Schneier, Bruce, “Secrets and Lies, Digital Security in a Networked World”, Wiley, 2000. Weaknesses of the pure technology approach to security.

  3. Supplementary Texts
     Stinson, Douglas R., “Cryptography Theory and Practice”, 2nd edition, Chapman & Hall/CRC Press, 2002. In-depth mathematical treatment of cryptography including proofs.
     Pfleeger, Charles P., “Security in Computing”, 3rd edition, Prentice Hall, 2003. Well balanced and covers material not found in other texts.
     Oppliger, Rolf, “Security Technologies for the World Wide Web”, 2nd edition, 2003, Artech House. Arguably the best text on WWW security currently available.

  4. Just Good Reading
     Kahn, David, “The Codebreakers: The Story of Secret Writing,” Scribner, 1996. The most widely acclaimed history of cryptography.
     Singh, Simon, “The Code Book”, Anchor Books, 1999. A best seller about the history of making and breaking codes.
     Stoll, Clifford, “The Cuckoo’s Egg”, Doubleday, 1989. Another best seller about tracking bad guys through cyberspace.
     Mitnick, Kevin D., “The Art of Deception”, Wiley, 2002. Tales from one of the most notorious hackers.

  5. Exams: Mid-term and final, in-class, full period, closed book. May be take-home depending on instructor’s travel/work schedule.
     Homework: Mix of problem solutions and a few short programming assignments.
     Project: All students will complete a research paper on computer security. The 527 standard will be higher. Both will require citations of source references. This is suitable for your graduation writing requirement, but you need to do the paperwork.
     Grades: 40% h/w and papers, 30% mid-term, 30% final.

  6. Undergraduates
     State-of-the-art survey, at least 10 pages in length, single spaced. Choose one of the following topics:
     Due date: April 20, 2004 (2 weeks before finals).
     Topic 1: The Security of Diffie-Hellman Algorithm
     The security of Diffie-Hellman relies on the difficulty of the discrete logarithm problem. This project describes attempts to determine what size primes are required for security. In particular, evaluate the secure identification option of the Sun Network File System, which uses Diffie-Hellman algorithm with a prime p of 192 bits.

  7. Topic 1 Objectives:
     • Describe the different steps necessary to solve the discrete logarithm problem (DLP).
     • Discuss the state-of-the-art results obtained for the solution of DLP.
     • Discuss the SUN NFS cryptosystem, and discuss some of its deficiencies.
     • Make recommendations in order to have a secure size for the prime number p used in the Diffie-Hellman algorithm for the next ten years.

  8. Topic 2: Internet Key Exchange Protocols
     The IETF has developed several key exchange protocols intended for the exchange of keys over the Internet. These have had performance problems and are not widely used. Evaluate protocols developed by the IETF and report on their effectiveness. Include any current efforts to develop improved protocols.

  9. Topic 2 Objectives:
     • Describe the different protocols that are available.
     • Discuss their strengths and weaknesses.
     • Discuss current IETF efforts to develop new or improved protocols including the timeline.
     • Indicate your views on how effective this effort will be.

  10. Topic 3: Security in ATM Machines
      ATM machines are located in public places for convenience and are attractive targets because they hold large amounts of cash. Numerous attempts have been made to break into these machines over the years. Some have been successful, but most have not been successful. Research the state-of-the-art of securing ATM machines including physical and electronic (e.g., key recovery, transmission security, etc.).

  11. Topic 3 Objectives:
      • Describe the threats to ATM machines.
      • Describe the physical and electronic protection mechanisms used on ATMs.
      • Describe at least two examples of actual attempts to compromise an ATM.
      • Discuss their strengths and weaknesses.

  12. Graduate Students
      Analysis, at least 20 pages in length, single spaced, on the security of the Kerberos security system.
      Due date: April 20, 2004 (2 weeks before finals).
      Kerberos was developed at MIT many years ago to provide a secure environment for computer systems in a large academic environment. It has been used for many years and defects have been discovered and fixed in its long history. Develop a paper with a short history of the project including the major versions up to the present version.

  13. Kerberos Paper Objectives:
      • Describe the purpose and history of Kerberos including the major versions and the purpose for which each version was developed.
      • Describe the security defects found in Kerberos in each major version and the fix for the defect.
      • Describe any known weakness in the current version including generic (i.e., design) and any specific (i.e., implementation) weaknesses.
      • Indicate where Kerberos is being used successfully (generic uses, not specific uses), whether you expect it to continue to be used and why, or why not.

  14. Homework
      Include the following printed in the top right-hand corner of all homework, project, and test submissions:
      • Your full name
      • Your student ID
      • Your location (i.e., Pullman, Vancouver, Tri-Cities)
      • Assignment number
      • Date submitted
      This greatly simplifies sorting and returning papers. Failure to do this will result in a deduction of points. Good idea to make yourself a template!

  15. Homework/Project/Test Disputes
      • Your work will be graded by a TA.
      • If you have any dispute with your grade and seek a remedy, you will need to submit an argument in your favor. Include:
        • A clear description of what you are disputing.
        • The reason for the dispute (justifying a grade change).
        • What points you believe should have been awarded.
      • In preparing homework:
        • Show all work steps and include any assumptions you make.
        • Write clearly and legibly.
        • Staple your pages together.

  16. Projects
      Software projects have no prescribed language or format. You will not be graded on documentation, style, or formatting practices. I don’t care what language you use – you can use Excel if that solves the problem. You must submit source code, results, and enough documentation for the work to make sense. Ensure that you clearly highlight answers so they can be easily found.

  17. Academic Integrity/Ethics
      You are expected to behave in accordance with high standards of ethical behavior as defined in the Student Handbook. Discovered breaches will result in a loss of points on the 1st offense and a course grade of “F” for any subsequent occurrence. Plagiarism will not be tolerated. See http://www.eecs.wsu.edu/~syllabus/eeungrad/academic-integrity.html for the detailed rules!

  18. Disability Accommodations
      Reasonable accommodations are available for students who have a documented disability. Please notify the instructor during the 1st week of class of any accommodations needed for the course. Late notification may cause the requested accommodations to be unavailable. All accommodations must be approved each semester by the Coordinator of Disability Services (Marjorie Seipt at WSU-Tri-Cities – 372-7351; see your advisor on campus). If you need services and have not already met with Disability Services, you need to take immediate action.

  19. Pullman TA
      Your campus TA information is: XXX XXX, Bldg/Room, Phone.
      Use for questions, problems help, advice. The TA will have office hours posted.
