Computer Security (CS401)

AIMS The course addresses the problem of how to secure computer systems, networks, and data from unauthorized or accidental access, modification, and denial of service. It covers topics on formal definitions of security, privacy, and integrity; risk assessment and management; information theory; information flow and covert channels; coding and cryptology. Moreover, authentication methods, capabilities, access lists, and protection domains; standards; malicious software (viruses, logic bombs) legal factors; database and inference control; security kernels and verification methods are covered. LEARNING OUTCOMES Knowledge On completion of this module, the successful student will be able to: • Appraise the different level of computer threats. • Differentiate between security privacy and integrity. • Characterize ciphering and cryptology. • Illustrate the concepts of digital signature and Public or Private Key. • Discriminate between different authentication methods used for access control in computer systems based on their capabilities and protection domain. Skills This module will call for the successful student to demonstrate: • Identify security threats in a computer system or network. • Implement digital signature and Public or Private Key. • Apply key management techniques. • Propose and apply and evaluate security, privacy and integrity policies for a system. • Choose and implement the appropriate ciphering and cryptographic techniques. • Implement different authentication methods. SYLLABUS • Overview of Cryptography. • Mathematics Background. • Number-Theoretic Reference Problems. • Public-Key Parameters. • Pseudorandom Bits and Sequences. • Stream Ciphers. • Block Ciphers. • Public-Key Encryption. • Hash Functions and Data Integrity. • Identification and Entity Authentication. • Digital Signatures • Key Establishment Protocols. • Key Management Techniques. • Efficient Implementation. • Patents and Standards. TEACHING/LEARNING STRATEGIES • Weekly lectures to introduce the basic concepts of the course subjects. • Weekly tutorials to discuss the solution of the weekly homework assignments. • Weekly computer laboratory to develop programs implementing the different techniques discussed in the course. • Team Projects The student will work as a member of project team to apply the concepts learned in the course to real world problems. • Class presentations the student will be assigned a specific subject to investigate in depth and make a presentation on it in class. Assessment Scheme • Unseen Examinations 60 % • Coursework 40% LEARNING MATERIALS Network and Internet security by Vijay Ahuja, Academic Press Limited