COMP30082: Cryptography and Network Security (2007-2008)
The spectacular growth of the Internet has spawned an increased awareness in security issues. This course unit will cover security threats and vulnerabilities, principles of cryptography, and practical topics in network and Internet security. The course is designed for students who have some understanding of computer networks and protocols, but no background in security. The course aims to teach students principles and practices of cryptography and network security.
On successful completion of this course unit, the students should be able to:
Understand the principles and practices of cryptographic techniques. (A)
Understand a variety of generic security threats and vulnerabilities, and identify and analyse particular security problems for a given application. (A and B)
Understand the design of security protocols and mechanisms for the provision of security services needed for secure networked applications. (A)
Appreciate the application of security techniques and technologies in solving real-life security problems in practical systems. (A)
Design security protocols and methods to solve specified security problems. (B)
Be familiar with current research issues and directions of network security. (C)
Assessment of Learning outcomesLearning outcomes (1), (2), (3) and (4) and (5) are assessed by examination.
Contribution to Programme Learning OutcomesA3, B1 and C4.
General introduction to security.
Cryptographic techniques: classical cryptography, conventional cryptography (e.g. DES and AES), public-key cryptography (e.g. RSA), and digital signatures (e.g. DSA).
Security services: key management, agreement and distribution, Public Key Infrastructure (PKI), authentication, authorisation and access control services.
Network security applications: IP security (e.g. IPsec), Web security (e.g. SSL/TLS), Secure Electronic Transaction (SET), Electronic mail security (e.g. PGP, S/MIME), firewalls and Virtual Private Networks (VPNs).
Distributed System security: e.g. intrusion detection, Grid security.
Lectures 20 - 21
Mobile system & E-commerce securities: e.g. 3G security, e-payment systems, fair data exchange.
Core TextTitle: Cryptography and network security: principles and practices
Author: Stallings, William
Publisher: Prentice Hall