CmpE 526
Operating System and Network Security, Spring 2005
Instructor: Dr. M. Ufuk Çağlayan, ETA209, Tel. 6698
Class Meetings : Thursdays,
Reading Material:
- Matt Bishop, Computer Security: Art and Science, Addison Wesley, 2003
- Matt Bishop, Introduction to Computer Security, Addison Wesley, 2005
- W. Stallings, Cryptography and Network Security, Prentice-Hall, 2003, 3rd Ed.
- Additional list of textbooks and selected papers to be distributed
Grading:
- Subject presentations: 250
- Term paper: 150
- Projects: 200
- Midterm: 200
- Final Exam: 200 (Total Exams: 40%)
- Total: 1000
Subjects to be covered and Schedule of Presentations:
1. Introduction and course organization.
2. Overview of operating system and computer network security issues: Computer security basics, risk analysis, security policies (template), trusted computers and networks, Orange Book, UNIX security, TCP/IP security, organizations (CERT, CSRC), standards.
3. Conventional Encryption: Classical techniques, terminology, conventional cryptosystem model, substitution, transposition, cryptanalysis, various conventional encryption techniques (Playfair, Vigenere, rotor machines, etc.). Modern techniques, Simple DES, block cipher principles, DES and its details. Other modern techniques such as IDEA, BLOWFISH, CAST, RC2, RC5, etc. Use of conventional cryptology and confidentiality issues, key distribution problem, random numbers as keys.
4. Number Theory: Prime numbers, modular arithmetic, Fermat's and Euler's theorems, primality testing,
5. Public Key Cryptography: Diffie-Hellman approach, public key cryptosystem model, principles of public key cryptology, RSA scheme, key management, Diffie-Hellman key exchange. Number theory issues, elliptic curve cryptography.
6. Authentication and Digital Signatures: Requirements and functions, message authentication codes, hash functions, algorithms such as MD5, SHA, RIPEMD, HMAC. Digital signatures and DSS. Authentication protocols.
7. UNIX/LINUX Security Issues: User accounts and the login process, password file entries, passwd command, passwords and password selection, password encryption and aging, initialization/startup files and directories, root account and superuser, su command, file protection: ownership and access rights, owners, group owners, user and group ids, read, write, execute rights on files and directories, access rights and permissions of new files, file encryption, set user id and set group id properties, effective user and group ids, chown, chgrp, chmod and related commands, system files and directories and their access control, process accounting, log files, break-ins, hidden files.
8. Security Issues of Other Operating Systems: Windows, Solaris.
9. Authentication Applications: Kerberos (algorithms and v4/v5 software). X.509, certificates, performance, problems, certification authorities, certificate software.
10. TCP/IP security: IP security, DNS security, FTP/Telnet security, NIS/NFS security, SNMP security.
11. Electronic Mail Security: PGP, S/MIME, PEM, SMTP and Sendmail.
12. Web security: HTTP, SSL, Java security.
13. Firewalls and Intrusion Detection: Concepts, packet filtering, example commercial and public domain software. OS/Network Security Tools: Example commercial and public domain software tools.
14. Intruders, viruses, worms, hacker tools.
15. Security of Digital Money and Payment Systems: Principles, SET protocol and other protocols.
Additional Notes:
1. You can take this course only if you have successfully taken (grades C or above) an Operating Systems course and a Computer Networks course, at undergraduate and/or graduate level.
2. Your attendance is checked and required in all presentations. Presentations are evaluated/graded by the classroom participants.
3. You cannot miss your presentations (of course with the exception of health reasons). Drop the course if you would not be able to make it.
4. Midterm and final exam are take-home.
5. Email list is cmpe526@cmpe.boun.edu.tr.
6. Presentations, each 50 minutes.