310 likes | 442 Vues
CSE 331: Introduction to Networks and Security. Slide Set 1. Fall 2001 Instructor: Carl A. Gunter. Personnel. Carl A. Gunter - Lecturer http://www.cis.upenn.edu/~gunter Office hour: 3:30 to 4:30 in 370 Moore GRW. Marc Corliss mcorliss@cis.upenn.edu www.cis.upenn.edu/~mcorliss
E N D
CSE 331: Introduction to Networks and Security Slide Set 1 Fall 2001 Instructor: Carl A. Gunter CSE 331
Personnel • Carl A. Gunter - Lecturer • http://www.cis.upenn.edu/~gunter • Office hour: 3:30 to 4:30 in 370 Moore GRW. • Marc Corliss • mcorliss@cis.upenn.edu • www.cis.upenn.edu/~mcorliss • Office hours: 1-2 Tuesday, 4-5 Thursday, location TBD. • Class web page • http://www.cis.upenn.edu/~cse331
Course Pre-Requisites • You would like to understand network and security fundamentals. • You have knowledge of Java programming. You like programming and want to know how to build secure networked systems. • You did not take TCOM 500 and you are not registered for it now. • If you complete TCOM 500, I look forward to seeing you in CIS/TCOM 551 this spring.
Assessment • Meet the Prof. • Exams. • Projects.
Meet The Prof Requirement • You must come and see the professor during at least one of his office hours before the second exam. • What to talk about: describe a computer-related project you did, are doing now, or plan to do. • How long? About 10-20 minutes.
Exams • Two in-class midterm exams. • Wednesday October 10 from 11:00 to 11:50. • Wednesday November 7 from 11:00 to 11:50 • A 120 minute final exam. • As determined by registrar.
Projects • Assorted programming and essay projects. • Early project: packet analysis. • Some projects will allow teams. • Important rule: team members cannot be “reused”. • It will be wise to know your classmates!
Make-Up Lecture • There will be an extra lecture on Wednesday, December 12. Material in this lecture will not be covered by exams or projects.
Recommended Reading • Computer Networks, A Systems Approach. Second Edition. Larry L. Peterson and Bruce S. Davie. Morgan Kaufmann 2000. • Handbook of Applied Cryptography. Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. CRC 1997. • Secure Electronic Commerce. Warwick Ford and Michael S. Baum. Prentice Hall 1996. • Network Security Essentials: Applications and Standards. William Stallings. Prentice Hall 2000.
Reading for Fun and Profit • Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage. Clifford Stoll. Pocket Books 2000. • Crypto : How the Code Rebels Beat the Government -- Saving Privacy in the Digital Age. Steven Levy. Viking Press 2001. • Cryptonomicon. Neal Stephenson. Harperperennial Library 2000.
History of Cryptology • The Codebreakers; The Comprehensive History of Secret Communication from Ancient Times to the Internet. David Kahn. Scribner 1996. • The Code Book : The Science of Secrecy from Ancient Egypt to Quantum Cryptography. Simon Singh. Anchor Books 2000.
What is a Network? • Dictionary definition: A group or system of electric components and connecting circuitry designed to function in a specific manner.
The Four Major Networks • Telephone • Television • Radio • Internet
Computer networks • Computer networks are built mainly from general-purpose programmable hardware. • They support an extensible class of applications. • We will focus on networks consisting of • hosts, which provide programmability, • physical networks, which support direct communication, and • network elements, which support communication between networks
Applications • Electronic mail • File transfer and remote terminals • World-wide web (WWW) • Telephony (IP and POTS) • Document facsimile (FAX) • Network video (NV)
What Is Security? • Dictionary definition: protection or defense against attack, interference, espionage, etc.
System Vs. Environment (Safety) Environment System
System Vs. Environment (Security) Environment System
DATA DATA Confidentiality DATA Integrity Availability Goals of Security
Access Matrix Principals R R/W 0 R R/W 0 R R R 0 0 R/W 0 R R/W R/W A B C D Fred Joe Bow-Yaw Sarah Objects
Denial of Service Principals 0 R R/W 0 R R/W 0 R R R 0 0 R/W 0 R R/W R/W A B C D Fred Joe Bow-Yaw Sarah Objects
Breach of Confidentiality Principals R R R/W 0 R R/W 0 R R R 0 0 R/W 0 R R/W R/W A B C D Fred Joe Bow-Yaw Sarah Objects
Breach of Integrity Principals W R R/W 0 R R/W 0 R R R 0 0 R/W 0 R R/W R/W A B C D Fred Joe Bow-Yaw Sarah Objects
Availability Difficulty of use and poor performance Loss of Confidence Integrity Confidentiality Ability to Corrupt Overlapping Goals
Networks and Security • Early views of computer security were mainly motivated by time sharing. • Protect a user’s files and processes. • Security concerns extended to electronic commerce with EDI (Electronic Data Interchange) over VANs (Value Added Networks). • Proper transaction processing. • Concerns are now focused on security over the public Internet and wireless devices.
Internet Security Concerns • Confidentiality of transmitted data, such as passwords and credit card numbers. • Integrity of network information, such as routing tables and DNS bindings. • Authentication of users who have contact only via the Internet. • Thwarting Denial of Service (DoS) attacks. • Aiding security of host systems using firewalls, etc.
Aim of This Course • Teach networking basics, mainly as they are relevant to security. (Reduced emphasis on performance.) • Teach security basics, mainly as they apply to the Internet.