Introduction to Security

Lecturer: Dr M.G. Kuhn

No. of lectures: 6

Prerequisite courses: Operating System Foundations, Mathematics for Computation Theory

This course is a prerequisite for Distributed Systems.

Aims

This course is a broad introduction to both computer security and cryptography. It covers important basic concepts and techniques.

Lectures

• Introduction. Application-specific security requirements, targets and policies, common terms, security management, computer misuse and data protection legislation.

• Access control Discretionary access control in POSIX and Windows, elevated rights and setuid bits, capabilities, mandatory access control, Clark/Wilson integrity.

• Operating system and network security. OS security functions, trusted computing base, malicious software, common implementation vulnerabilities, TCP/IP vulnerabilities and firewalls, security evaluation methodology and standards.

• Symmetric cryptography. Pseudo-random functions and permutations, computational security, secure hash functions, birthday problem, block ciphers, modes of operation, message authentication codes, applications of hash functions, random number generation.

• Asymmetric cryptography. Key management problem, signatures and certificates, number theory revisited, discrete logarithm problem, Diffie-Hellman key exchange, ElGamal encryption and signature, hybrid cryptography.

• Authentication techniques. Passwords, one-way and challenge-response protocols, Needham-Schroeder, protocol failure examples, hardware tokens.

Objectives

By the end of the course students should

• appreciate the range of meanings that ``security'' has across different applications

• be familiar with the most common security terms and concepts

• have a basic understanding of the most commonly used attack techniques and protection mechanisms

• have gained basic insight into aspects of modern cryptography and its applications

Recommended books

* Gollmann, D. (1999). Computer Security. Wiley.
Stinson, D. (2002). Cryptography - theory and practice. Chapman & Hall/CRC (2nd ed.).

Further reading:

Anderson, R. (2001). Security engineering: a guide to building dependable distributed systems. Wiley.
Schneier, B. (1995). Applied Cryptography: Protocols, Algorithms, and Source in C. Wiley (2nd ed.).
Cheswick, W.R., Bellovin, S.M. & Rubin, A.D. (2003). Firewalls and Internet security: repelling the wily hacker. Addison-Wesley (2nd ed.).
Garfinkel, S. & Spafford, G. (1996). Practical Unix and Internet security. O'Reilly (2nd ed.).