Instructor
Somesh Jha,
7385 Computer Sciences Building
email: jha@cs.wisc.edu
Office hours for Somesh Jha: 4:00pm-5:00pm (Tuesday)
TA
Jake Rosin,
Room: 1301 Computer Sciences Building
email: rosin@cs.wisc.edu
Office hours for Jake Rosin: 12:00pm-1:30pm (Monday)
Time and place
Tu, Th 2:30-3:45, 1257 Computer Sciences Building
Audience
CS 642 is an introduction to information security. The course covers a broad
range of topics.
General Description
Shared resources (such as the Internet) have created a global and open information
infrastructure. A global infrastructure has several advantages, such as ease of
sharing information. However, shared resources also increase the risk due to
malicious behavior. Information security is the area that deals with protection
from and detection of malicious activity. This course will follow the general
structure given below.
- Cryptographic primitives: This part of the course will focus on cryptographic
primitives. We will cover the following topics: Symmetric-key and public-key encryption,
hash functions, and digital signatures.
- Protocols: This part of the course will focus on protocols that use the
primitives introduced earlier. Some of the protocols we will consider are
key establishment protocols (Kerberos and Diffie-Hellman secret sharing),
web security (Secure Sockets Layer (SSL)), secure payment protocols (1KP and
Cybercash), and digital money (DigiCash).
- System security: This part of the course will focus on system security.
We will discuss some common system vulnerabilities and attacks, such as TCP SYN
flooding and denial-of-service attacks. We will discuss the general architecture of
firewalls and intrusion detection systems.
- Special topics: This part of the course will focus on new topics in
security. This year we will discuss smartcards and their applications.
Material
Course notes and papers distributed by instructor and the following
required text:
W. Stallings, Cryptography and Network Security: Principles and Practice,
Prentice Hall, Fourth edition, 2006.
The following books are not required but will be used as references:
- Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone,
Handbook of Applied Cryptography, CRC Press, 2001.
You can download chapters of this book free. Please go to the
following link.
- Z. Chen, Java Card Technology for Smart Cards: Architecture and
Programmer's Guide, Addison-Wesley Publishing Company, 2000.
- W.R. Cheswick and S.M. Bellovin, Firewalls and Internet Security:
Repelling the Wily Hacker, Addison-Wesley Publishing Company, 2001.
- S. Northcutt, Network Intrusion Detection: An Analyst's Handbook,
New Riders Publishing, 1999.
- M.H. Sherif, Protocols for Secure Electronic Commerce,
CRC Press, 2000.
- A.J. Menezes, P.C. van Oorschot, S.A. Vanstone, Handbook of
Applied Cryptography, CRC Press, 1997.
- E.D. Zwicky, S. Cooper, D.B. Chapman, and D. Russell, Building
Internet Firewalls, O'Reilly and Associates, 2000.
Prerequisites
Mathematical maturity and
programming experience. Undergraduate students need permission of the
instructor.
Evaluation
Participation, assignments, exams, presentations and projects.
See course document for details.