
Algorithm and Processes in Computer Security - CS4243 Syllabus

1. Instructor information

Instructor name: Ms. To Nguyen Nhat Quang Email: quangtnn@uit.edu.vn

Home Phone: 3 8 435 703 Cell phone: 0903 658 501

Office: Linh Trung, Thu Duc, HCMC Office hours: 8:00-11:00 am

2. Class room

· Main classroom (campus): Linh Trung, Thu Duc, HCMC

· Online classroom (website):

· Class meeting time:

· Library hours (where):

3. Course information

· Course description

Credit: 3 (3 lecture).

Overview of the components of computer and network security. Discussion of external processes required in secure systems, information assurance, backup,
business resumption. Detailed analysis of security encryption, protocols, hashing, certification and authentication.

· Course objectives:

At the completion of this course, a student should be able to:

o Understand the basic concepts of network and computer security;

o Understand the processes and algorithms of some commonly used encryption algorithms;

o Know how to use certificates, authentication, and digital signatures;

o Build computer security systems in the enterprise.

· Prerequisite: ESL Level 2

CS 3443 – Computer Systems

CS 4283 – Computer Network

4. Book and materials

· Required textbook:

1. Neil Daswani, Christoph Kern, Anita Kesavan, Foundations of Security, Apress, 2007.

2. Manuel Mogollon, Cryptography and Security Services, Cybertech Publishing, 2007.

3. Mark Stamp, Information Security Principles and Practice, Wiley, 2006.

· Other materials:

· Course website:

5. Course requirements

· Assignments: Exercises are in corresponding sections of the required book.

· Computer-based training and testing

· Projects or Team Class Projects: Projects are given by the instructor after finishing a chapter.

· Midterm Examinations: Test on paper.

· Class attendance/participation: Evaluated by checking in the Attendance Book.

· Final Examination: Test on paper.

6. Grading Procedures

Assignments: 20%

Projects or Team Class Projects: 10%

Midterm Examinations: 25%

Class attendance/participation: 5%

Final Examination: 40%

Total points and grades:

90-100: Very Good (A) 80-89: Good (B) 70-79: Well (C)

50-69: Mean (D) 40-49: Weak (E) 1-39: Bad (F)

7. Academic integrity Policies

· Students may not be absent for 4 sessions. If so, they will be prohibited from the test or exam.

· Students may not use the Vietnamese language in class; otherwise 2% will be deducted from their final marks.

· Be punctual in arriving at and leaving class.

8. Course outline

Session

Topics

1

Chapter 1: Security Principles

  1. Security Goals
  2. Secure Systems Design

2, 3

Chapter 2: Secure Programming Techniques

  1. Worms and Other Malware
  2. Buffer Overflows
  3. SQL Injection
  4. Password Security

4

Chapter 3: Cryptography Basics

  1. Introduction
  2. Classic Cryptography
  3. Modern Cryptography

5

Chapter 4: Symmetric Key Cryptography

  1. Introduction
  2. Stream Ciphers
  3. Block Ciphers
  4. Integrity

6

Chapter 5: Asymmetric Key Cryptography

  1. Why Asymmetric Key Cryptography
  2. RSA
  3. Elliptic Curve Cryptography (ECC)
  4. Symmetric vs. Asymmetric Key Cryptography
  5. Certificate Authorities
  6. Identity-Based Encryption (IBE)
  7. Authentication with Encryption

7

Midterm test

8

Chapter 6: Key Management and Exchange

  1. Types of Keys
  2. Key Generation
  3. Key Storage
  4. Key Agreement and Exchange

9

Chapter 7: Hash Functions

  1. What Are Hash Functions?
  2. Non-Cryptographic Hashes
  3. HMAC
  4. Uses of Hash Functions
  5. Other Crypto-Related Topics

9

Chapter 8: Authentication

  1. Introduction
  2. Authentication Methods
  3. Password
  4. Biometrics
  5. Two-Factor Authentication

10

Chapter 9: Authorization

  1. Introduction
  2. Access Control Matrix
  3. Multilevel Security Models
  4. Multilateral Security
  5. Firewalls
  6. Intrusion Detection

11

Chapter 10: Real-World Security Protocols

  1. Introduction
  2. Secure Sockets Layer
  3. IPSec
  4. Kerberos

· Schedule, deadlines, deliverables by week: Students submit weekly assignments on Friday each week.

· Important dates: Midterm test and Final exam.

9. Comments and notes

· Preparation for Class: Students are expected to read the related chapter in the textbook and the lecture notes before each class. This will help them follow the topics presented and discussed during class hours.

· Use of Class Time: Class time will be used mainly for lectures and discussions. A small part of class hours is used for testing. Homework will be discussed on an individual basis.

· Class Attendance: Due to the broad range of topics discussed throughout the course and their inter-relationship, students are requested to attend class regularly.

· Assignment Requirement: Assignments for each session must be submitted by email before the next session begins.

REFERENCES

1. John R. Vacca, Computer and Information Security Handbook, Morgan Kaufmann Publishers, 2009.

2. Stuart McClure, Joel Scambray, George Kurtz, Hacking Exposed 6: Network Security Secrets & Solutions, The McGraw-Hill Companies, 2009.

3. Emmett Dulaney, CompTIA Security +, Wiley Publishing, Inc., 2009.

4. Jie Wang, Computer Network Security, Springer, 2008.

5. Joel Scambray, Stuart McClure, Hacking Exposed Windows: Windows Security Secret and Solutions, McGraw-Hill, 2008.

6. Alan G. Konheim, Computer Security and Cryptography, Wiley, 2007.

7. Douglas W. Frye, Network Security Policies and Procedures, Springer, 2007.

8. Harold F. Tipton, Micki Krause, Information Security Management Handbook, Sixth Edition, Auerbach Publications, 2007.

9. Manuel Mogollon, Cryptography and Security Services, Cybertech Publishing, 2007.

10. Michael Cross, Web Application Security, Syngress Publishing, 2007.

11. Neil Daswani, Christoph Kern, Anita Kesavan, Foundations of Security, Apress, 2007.

12. Timothy P. Layton, Information Security: Design, Implementation, Measurement and Compliance, Auerbach Publications, 2007.

13. James C. Foster, Vincent T. Liu, Writing Security Tools and Exploits, Syngress Publishing, 2006.

14. Mark Stamp, Information Security Principles and Practice, Wiley, 2006.

15. Tony Bradley, Harlan Carvey, Essential Computer Security, Syngress Publishing, 2006.

16. Henk C. A. van Tilborg, Encyclopedia of Cryptography and Security, Springer, 2005.

17. Man Young Rhee, Internet Security: Cryptographic Principles, Algorithms and Protocols, Wiley, 2003.

18. Certified Ethical Hacker, version 6, EC-Council.

Instructor’s Signature

Ms. To Nguyen Nhat Quang