7385 Computer Sciences Building
Office hours for Somesh Jha: Tu: 4:00pm-5:15pm
7372 Computer Sciences Building
Office hours for Mihai Chritodorescu:Th: 1:00pm-2:30pm TBA
Time and place
Tu,Th 2:30-3:45, 1325 Computer Sciences Building
CS 642 is an
introduction to Information security. The course covers a broad
range of topics.
Shared resources (such as the Internet) have created a global and open information
infrastructure. A global infrastructure has several advantages, such as ease of
sharing information. However, shared resources also increase the risk due to
malicious behavior. Information security is the area that deals with protection
from and detection of malicious activity. This course will follow the general
structure given below.
- Cryptographic primitives: This part of the course will focus on cryptographic
primitives. We will cover the following topics: Symmetric-key and public-key encryption,
hash functions, and digital signatures.
- Protocols: This part of the course will focus on protocols that use the
primitives introduced earlier. Some of the protocols we will consider are
key establishment protocols (Kerberos and Diffie-Hellman secret sharing),
web security (Secure Sockets Layer (SSL)), secure payment protocols (1KP and
Cybercash), and Digital money (DigiCash).
- System security: This part of the course will focus on system security.
We will discuss some common system vulnerabilities and attacks, such as TCP SYN
flooding and denial-of-service attacks. We will discuss general architecture of
firewalls and intrusion detection systems.
- Special topics: This part of the course will focus on new topics in
security. This year we will discuss smartcards and their applications.
Course notes and papers distributed by instructor and the following
W. Stallings,Cryptography and Network Security: Principles and Practice,
Prentice Hall, Fourth edition, 2006.
Following books not required but will be used as reference:
- Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone,
Handbook of Applied Cryptography, CRC Press, 2001.
You can download chapters of this book free. Please go to the
- Z. Chen, Java card technology for smart cards: Architecture and
Programmer's Guide, Addison-Wesley Publishing Company, 2000.
- W.R. Cheswick and S.M. Bellovin, Firewalls and Internet Security:
Repelling the Wily Hacker, Addison-Wesley publishing company, 2001.
- S. Northcutt, Network Intrusion Detection: An Analyst's handbook,
New Riders Publishing, 1999.
- M.H. Sherif, Protocols for Secure Electronic Commerce,
CRC Press, 2000.
- A.J. Menzes, P.C. Van Oorschot, S.A. Vanstone, Handbook of
Applied Crytograph, CRC press, 1997.
- E.D. Zwicky, S. Cooper, D.B. Chapman, and D. Russell,Building
Internet Firewalls, O'Reilly and Associates, 2000.
Mathematical maturity and
programming experience. Undergraduate students need permission of the
Participation, assignments, exams, presentations and projects.
See course document for details.