COMP38411: Cryptography and Network Security (2011-2012)
The advances in the Internet and wireless communication technologies have led to an impressive growth in the mobile internet. It is now a daily routine for people to share information via, and access services on, the Internet anywhere and anytime. Information that is transmitted, processed, stored, and managed on networked systems is particularly vulnerable to security threats, such as identity theft, manipulation or misuse of valuable or confidential information, deliberate damage to systems and services, and fraud and forgeries in e-banking and e-business dealings. Therefore, how to protect information and resources against these threats has become an important topic.
This course unit is aimed at introducing the technologies and practices that can be used to secure information, computer systems and networks. The course will cover security threats and vulnerabilities, principles of cryptography, and practical topics in network and Internet security. It is designed for students who have some understanding of computer networks and protocols, but no background in security.
|Programme outcome||Unit learning outcomes||Assessment|
|A3||Understand the principles and practices of cryptographic techniques.|
|A3 B1||Understand a variety of generic security threats and vulnerabilities, and identify and analyse particular security problems for a given application.|
|A3||Understand the design of security protocols and mechanisms for the provision of security services needed for secure networked applications.|
|A3||Appreciate the application of security techniques and technologies in solving real-life security problems in practical systems.|
|B1||Design security protocols and methods to solve specified security problems.|
|C4||Be familiar with current research issues and directions of network security.|
Introduction to security issues: Basic notions of security (confidentiality, integrity and availability), security threats, models, policies, and mechanisms.
Cryptographic building blocks: conventional cryptography (Feistel ciphers, AES), public-key cryptography (RSA), message authentication and cryptographic hash functions (SHA and HMAC), digital signatures, digital certificates and Public Key Infrastructures (PKIs), key management and distribution (Diffie-Hellman, and Needham-Schroeder protocols).
Channel security: IP security (IPSec), secure socket layer (SSL/TLS).
Lectures 13 - 17
Security services: user identification and authentication (unix authentication solution, smart-card authentication solution, Kerberos), access control structures (access control matrix, capabilities and access control list).
Lectures 18 - 21Advanced topics: e.g. wireless local area network (WLAN) security, e-commerce security, Grid security.
The main text book is Cryptography and Network Security by William Stallings, but there are many other very useful books, e.g. Matthew Bishop, Computer Security: Art and Science Addison-Wesley, 2003, ISBN 0-201-44099-7.
There are also useful resources on the Internet, e.g. http://www.cert.org, and http://www.itl.nist.gov/.
Core TextTitle: Cryptography and network security: principles and practice (7th edition)
Author: Stallings, William