Information Assurance

Afternoon session: (Subtitle) Computer and Network Security

 

Dr. Hwajung Lee

(Office: Davis 220, Email: hlee3@radford.edu)

 

Class website:

http://www.radford.edu/~hlee3/classes/itec693/itec693_SecurityBasic/ITEC693_schedule.htm

 

Textbook:

Kaufman, C., Perlman, R. and Speciner, M., Network Security (Private  Communication in a Public World), 2nd edition, Prentice Hall 2002.

 

References:

            William Stalling, Cryptography and Network Security, 2nd edition, Prentice Hall 1999.

Class notes: Computer Security, Pennsylvania State University, http://www.cse.psu.edu/~cg543/

 

Date

Class Notes (Tentative Schedule)

Reading Assignment

May 16, Monday

(2:00PM~4:45PM)

Introduction, Cryptography

Chap 2, 3, 4, and 6

May 17, Tuesday

(1:00PM~)

Cryptography continued

Hashes and Message Digests

Public Key Infrastructure

Kerberos

Diffie-Hellman Key Exchange Algorithm

 

Chap 5, 6, 13, 14 and 16

May 18, Wednesday

(1:00PM~)

IPsec, Web Security, SSL, Firewalls

Chap 17, 18, 19, and 23

May 19, Thursday

(3:00PM~5:00PM)

Group Presentations

Reading Materials

 

 

Group Presentation Guideline

 

1.        The number of members in one group will be announced in class on Monday.

 

2.       Presentation Date: May 19, Thursday.

 

3.       Presentation Length: 30 minutes per group

 

4.       Topics on Computer Security: You may choose your presentation topic if you get a permission from me by sending an email. If prefer, you may give a presentation on one of the following papers.

 

[Group 1] Risks of the Passport Single Signon Protocol, David P. Kormann and Aviel D. Rubin, Computer Networks, (July, 2000).

[Group 2] Security Problems in the TCP/IP Protocol Suite. Steven M. Bellovin, in Computer Communications Review 2:19, pp. 32-48, April 1989.

 

[Group 3] How to 0wn the Internet in Your Spare Time. Stuart Staniford and Vern Paxson and Nicholas Weaver, Proceedings of the 11th USENIX Security Symposium, pages 149--167, San Francisco, CA, August 2002.

 

[Group 4] Why Cryptosystems Fail, Rose Anderson, ACM in 1st Conf.- Computer and Comm. Security '93

 

The Protection of Information in Computer Systems. J. Saltzer and M. Schroeder, Proceedings of the IEEE 63(9) (1975) pp. 1278-130.

 

AES

-          http://csrc.nist.gov/CryptoToolkit/aes/rijndael/

-          http://csrc.nist.gov/CryptoToolkit/aes/rijndael/misc/nissc2.pdf

 

5.       You must use a powerpoint slide when you give a presentation.

 

Power Point Slides of the Group Presentation

 

Will You Ever Use Your ATM Again?

 

How to Own the Internet In Your Spare Time!

 

Passport Project

 

Security Problems in the TCP/IP Protocol Suite