Next: Prolog for Artificial Intelligence
Up: Lent Term 2002: Part
Previous: Digital Communication I
  Contents
Lecturer: Mr M.G. Kuhn
(mgk25@cl.cam.ac.uk)
No. of lectures: 6
Prerequisite courses: Discrete Mathematics, Operating Systems
This course is a prerequisite for
Security (Part II).
Aims
This course is a broad introduction to both computer security and
cryptography. It covers important basic concepts and techniques.
Lectures
- Introduction. Management of malicious intent, threat
scenarios, critical infrastructures, security targets and policies,
security mechanisms, examples of applications and their different
security requirements, multi-lateral security, privacy and data
protection, computer misuse legislation.
- Operating system and network security. Access control lists,
capabilities, elevated rights, auditing, intrusion detection, Unix and
NT security, HTML security, password cracking, buffer overflow,
categories of malicious software, sandboxing, firewalls,
denial-of-service attacks, mandatory access control systems, security
evaluation standards. [2 lectures]
- Symmetric cryptography. Historic ciphers and their attacks
(Caesar, Vigenère, Playfair), Vernam cipher, random oracle model,
block ciphers, Feistel network, hash functions, modes of operation,
message authentication codes, TEA, DES, AES.
- Authentication techniques. Biometrics, passwords,
one-way authentication, challenge-response protocols,
Needham-Schroeder/Kerberos, smartcards and RF tags.
- Asymmetric cryptosystems. Number theory, discrete logarithm,
Diffie-Hellman key exchange, digital signature algorithms, ElGamal,
hybrid cryptography, certificates and public key infrastructure.
Objectives
By the end of the course students should
- appreciate the range of different meanings that "security" has
in different applications
- be familiar with the most common security terms and concepts
- have a basic understanding of the most commonly used attack
techniques and protection mechanisms
- have gained basic insight into modern cryptography and its
applications
Recommended books
Gollmann, D. (1999). Computer Security. Wiley.
Schneier, B. (1995). Applied Cryptography: Protocols, Algorithms,
and Source Code in C. Wiley (2nd ed.).
Further reading:
Anderson, R. (2001). Security Engineering: A Guide to Building
Dependable Distributed Systems. Wiley.
Kahn, D. (1996). The Codebreakers. Scribner (2nd ed.).
Cheswick, W.R. & Bellovin, S.M. (2001). Firewalls and Internet
Security: Repelling the Wily Hacker. Addison-Wesley (2nd ed.).
Garfinkel, S. & Spafford, G. (1996). Practical Unix and Internet
Security. O'Reilly (2nd ed.).
Amoroso, E. (1994). Fundamentals of Computer Security
Technology. Prentice-Hall.
Christine Northeast
Tue Sep 4 09:34:31 BST 2001