![[Search]](http://www.cl.cam.ac.uk/images/search.gif){kind=small}
![[A-Z Index]](http://www.cl.cam.ac.uk/images/az.gif){kind=small}
![[Contact]](http://www.cl.cam.ac.uk/images/contact.gif){kind=small}
![[University of Cambridge]](http://www.cl.cam.ac.uk/images/identifier2.gif){kind=small}
Up: Easter Term 2008: Part Previous: Distributed Systems Contents
Introduction to Security
Lecturer: Dr M.G. Kuhn
No. of lectures: 8
Prerequisite courses: Discrete Mathematics or Mathematics for Computation Theory, Operating Systems
This course is a prerequisite for Distributed Systems (Part II and Diploma) and Security (Part II).
Aims
This course is a broad introduction to both computer security and cryptography. It covers important basic concepts and techniques.
Lectures
- Cryptography. Introduction, terminology, classic ciphers, perfect secrecy, Vernam cipher, pseudo-random functions and permutations, computational security, random bit generation, secure hash functions, birthday problem.
- Symmetric cryptography. Block ciphers, modes of operation, message authentication codes, applications of secure hash functions.
- Asymmetric cryptography. Key-management problem, signatures and certificates, number theory revisited, discrete logarithm problem, Diffie-Hellman key exchange, ElGamal encryption and signature, hybrid cryptography.
- Authentication techniques. Passwords, one-way and challenge-response protocols, Needham-Schroeder, protocol failure examples, hardware tokens.
- Access control. Discretionary access control in POSIX and Windows, elevated rights and setuid bits, capabilities, mandatory access control, covert channels, Clark-Wilson integrity.
- Operating system security. OS security functions, trusted computing base, security evaluation methodology and standards.
- Software security. Malicious software, viruses, common implementation vulnerabilities, buffer overflows, meta characters, integer overflows, race conditions, side channels.
- Network security. TCP/IP vulnerabilities, firewalls. [0.5 lecture]
- Security policies and management. Application-specific security requirements, targets and policies, security management. [0.5 lecture]
Objectives
By the end of the course students should
- be familiar with the most common security terms and concepts
- have a basic understanding of the most commonly used attack techniques and protection mechanisms
- have gained basic insight into aspects of modern cryptography and its applications
- appreciate the range of meanings that ``security'' has across different applications
Recommended reading
* Gollmann, D. (2006). Computer Security. Wiley.
Stinson, D. (2005). Cryptography: theory and practice. Chapman & Hall/CRC (3rd ed.).
Further reading:
Anderson, R. (2001). Security engineering: a guide to building dependable distributed systems. Wiley.
Schneier, B. (1995). Applied cryptography: protocols, algorithms, and source code in C. Wiley (2nd ed.).
Cheswick, W.R., Bellovin, S.M. & Rubin, A.D. (2003). Firewalls and Internet security: repelling the wily hacker. Addison-Wesley (2nd ed.).
Garfinkel, S., Spafford, G. & Schwartz, A. (2003). Practical Unix and Internet security. O'Reilly (3nd ed.).
Up: Easter Term 2008: Part Previous: Distributed Systems Contents