5393 Computer Sciences and Statistics Building
Time and place
MWF 1:30-2:10, 1263 CS-Statistics building.
CS 838 is an
introduction to Information security. The course covers a broad
range of topics.
Shared resources (such as the Internet) have created a global and open information
infrastructure. A global infrastructure has several advantages, such as ease of
sharing information. However, shared resources also increase the risk due to
malicious behavior. Information security is the area that deals with protection
from and detection of malicious activity. This course will follow the general
structure given below.
- Cryptographic primitives: This part of the course will focus on cryptographic
primitives. We will cover the following topics: Symmetric-key and public-key encryption,
hash functions, and digital signatures.
- Protocols: This part of the course will focus on protocols that use the
primitives introduced earlier. Some of the protocols we will consider are
key establishment protocols (Kerberos and Diffie-Hellman secret sharing),
web security (Secure Sockets Layer (SSL)), secure payment protocols (1KP and
Cybercash), and Digital money (DigiCash).
- System security: This part of the course will focus on system security.
We will discuss some common system vulnerabilities and attacks, such as TCP SYN
flooding and denial-of-service attacks. We will discuss general architecture of
firewalls and intrusion detection systems.
- Special topics: This part of the course will focus on new topics in
security. This year we will discuss smartcards and their applications.
Course notes and papers distributed by instructor and the following
A.J. Menzes, P.C. Van Oorschot, S.A. Vanstone, Handbook of
Applied Crytograph, CRC press, 1997.
Following books not required but will be used as reference:
- Z. Chen, Java card technology for smart cards: Architecture and
Programmer's Guide, Addison-Wesley Publishing Company, 2000.
- W.R. Cheswick and S.M. Bellovin, Firewalls and Internet Security:
Repelling the Wily Hacker, Addison-Wesley publishing company, 2001.
- S. Northcutt, Network Intrusion Detection: An Analyst's handbook,
New Riders Publishing, 1999.
- M.H. Sherif, Protocols for Secure Electronic Commerce,
CRC Press, 2000.
- W. Stallings,Cryptography and Network Security: Principles and Practice,
Prentice Hall, 1998.
- E.D. Zwicky, S. Cooper, D.B. Chapman, and D. Russell,Building
Internet Firewalls, O'Reilly and Associates, 2000.
Mathematical maturity and
programming experience. Undergraduate students need permission of the
Participation, assignments, presentations and projects.