1 / 12

CS 285 Network Security

CS 285 Network Security. Fall 2012 Yuan Xue. Course Information. When and Where Tuesday/Thursday 1:10pm-2:25pm 298 Featheringill Hall Instructor: Yuan Xue ( yuan.xue@vanderbilt.edu ) Office: 383 Jacobs Hall, Phone: 615-322-2926

nikkos
Télécharger la présentation

CS 285 Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. CS 285 Network Security Fall 2012 Yuan Xue

  2. Course Information • When and Where • Tuesday/Thursday 1:10pm-2:25pm • 298 Featheringill Hall • Instructor: Yuan Xue (yuan.xue@vanderbilt.edu) • Office: 383 Jacobs Hall, Phone: 615-322-2926 • Office hours: Monday/Thursday 3:00pm-4:00pm or by appointment. • Web:http://vanets.vuse.vanderbilt.edu/dokuwiki/doku.php?id=teaching:cs285-fall2012

  3. Books and References • Textbook • [WS] Cryptography and Network Security: Principles and Practice (4th/5th Edition) by William Stallings • Reference books • [KPS] Network Security: Private Communication in a Public World (2nd Edition), by Charlie Kaufman, Radia Perlman, Mike Speciner [AND] Security Engineering: A Guide to Building Dependable Distributed Systems, by Ross J. Anderson [CSP] Security in Computing (3rd Edition), by Charles P. Pfleeger, Shari Lawrence Pfleeger [BIS] Computer Security: Art and Science, by Matthew A. Bishop[DM] The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws, by Dafydd Stuttard and Marcus Pinto

  4. Course Component • Lecture • Slides + white board • Take note • Online digest/slides • Participation • Discussion • Presentation • Homework • 5 assignments • Pencil/paper + programming • Midterm • Project • Important component • Start early • Potential topics Grading Policy • Participation: 10% • Homework: 35% • Midterm: 25% • Project: 30%

  5. What you will learn from this course • What is “Security”? • Where the security problems come from? • Potential threats to a system or an application • What are the solutions? • Apply an appropriate mix of security measures • Knowing what has worked, what has failed • Both theory, design, principle as well as hands-on experience • Security involves many aspects • Operating system, programming language, administration and policy • Our Focus: Network Security (Algorithm, protocol, mechanism) • We will also discuss OS, programming related security issues.

  6. Course Topics • Security Basics and Principles • Symmetric/ Asymmetric Cryptography • Basic concept, algorithm, mechanism, • Design principles • Security Practices • Secure protocols, systems and applications (SSL, IPSec, PGP) • Hand-on experiences (system/network exploits, defenses) • Hot Topics and Recent Development • Web security, Wireless Network security, Smartphone, Cloud computing, Worm, DoS attack, etc.

  7. Survey and Feedback • Your input is important • Online Survey • http://www.zoomerang.com/Survey/WEB22GJ2LF2VGD/ • Feedback

  8. What is security? • In general, security is the condition of being protected against danger or loss. (Wikipedia) • In computer security and network security • What are the subjects that need to be protected? • Let’s start with some terms • System • computer, network, application, data, resource • Principal: an entity that participate in a system • user, person

  9. Refer to [MB]1.1 What is security? • Computer Security • Confidentiality means that only authorized people or system can access the data or resource.  it’s about the receiver • Integrity refers to the trustworthiness of data or resources.  about the source • Data integrity means that data can only be modified by authorized people or system in authorized ways • Origin integrity (also called source authentication) means that the source of the data is trustworthy. • Message authentication (= data integrity + origin integrity) means messages received are exactly as sent (i.e. no modification, insertion, deletion, or replay), and the ID of the sender is valid. • Note: timing information (timestamp) is also considered as part of the message. • Availability means that people has the ability to use the information or resource desired.

  10. Where the security problem comes from? Let’s look at some example systems • Bank • Bookkeeping • Core operations • customer account, journals recording the transactions • Who has the access to the information? • Bank’s own staff – what if they cheat? • ATM • Authenticate users based on card and ID number • Let’s go Internet • The user – how do we know they are the “real” (authenticate) user? • Protect web servers and bookkeeping database

  11. Where the security problem comes from? • Hospital • Patient record system • Who can access the record? – • Many parties – insurance company, care giver, researcher, • Complicated -- role can change • Privacy issue – HIPPA • Anonymize the record for research • Is it sufficient? • Show me all records of 59-year-old males who were treated for a broken collarbone on September 15, 1966 • Drug management • Let’s go to Internet/Web • Patient Portal, Electronic Medical Record

  12. Where the security problem comes from? In real world where systems interact with each other… imagine physical systems controlled by computers, communicated via networks (cyber-physical system) Let’s watch a video clip..

More Related