CSPP56510 – Information Technology Security
Winter Quarter 2010
Preliminary Syllabus
The objective of this course is to provide a basic understanding of Information Technology security – and to build an understanding of the elements that should be in place for an IT environment to achieve an adequate security level. We will begin with a general overview of IT security and introduce a framework for addressing security needs across an enterprise. Major security objectives and mechanisms for attaining these objectives will be discussed, including cryptography, authentication systems, Public Key Infrastructure, and platform and network security mechanisms. This course will give an overview of the technical details involved in the platform and network levels of security. We will look at common TCP/IP applications and discuss their security vulnerabilities. The course material will be presented in a framework of understanding business risks and how to address them.
Students in this course will use the Unix operating system as a basis of learning host security mechanisms and should have a basic familiarity with Unix as a prerequisite. Students should also be familiar with TCP/IP networks. Students will be installing, configuring and running security tools obtained from the Internet as a part of their classwork.
Required Text: Computer Security: Principles and Practice, William Stallings, Lawrie Brown, 2008 Prentice Hall, 978-0-13-600424-0
Some of the course reading material will be assigned from selected web sites.
| Week / Topics | Stallings | SIC | Other |
|---|---|---|---|
| Week 1: Instructor(s) Introduction; Course Objectives; Information Security Overview; Information Security Framework; Risk – definition, Control - definition; Security Goals and Mechanisms - Authentication – Authorization - User IDs, passwords, groups, privileges, access rules | Chapter 1 | Chapter 1; http://www.informit.com/articles/article.aspx?p=680830; http://www.informit.com/content/images/0132390779/samplechapter/Pfleeger_ch01.pdf (See http://www.e-commercealert.com/article296.shtml for more info on Sidebar 1-7) | CERT Statistics 1988 - 2006 http://www.cert.org/stats/cert_stats.html; Merritt paper on Risk Management http://csrc.nist.gov/nissc/1998/proceedings/paperE5.pdf; Security Breaches http://www.privacyrights.org/ar/ChronDataBreaches.htm#CP |
| Week 2: Encryption; Symmetric, Asymmetric; DES, 3-DES, RSA, AES; Uses of encryption – PGP | Chapters 2 (skip 2.5), 19, 20 | Chapter 2 | Anderson – Security Engineering http://www.cl.cam.ac.uk/~rja14/Papers/SE-05.pdf; Schneier – Security Pitfalls in Crypto http://www.schneier.com/essay-028.html; Anderson – Why Cryptosystems Fail http://www.cl.cam.ac.uk/~rja14/Papers/wcf.html |
| Week 3: Authentication Mechanisms; NIS, NIS+, Kerberos; Single Sign-on products; PKI; Access Control | Chapters 3, 4, 22 | | |
| Week 4: Review – security mechanisms; Host Security – Linux; Authentication - /etc/passwd; Authorization - file permissions rwx; Umode; Groups - /etc/groups; Shadow passwords; File permissions - s, S, t; suid risks; Path variable risks; Critical files - /etc/hosts, /.rhosts, etc.; Change control – Tripwire; Logging | Chapter 23 | Chapter 3, 4; http://www.informit.com/articles/article.aspx?p=31782 | Stack overflows explained http://packetstormsecurity.org/docs/hack/smashstack.txt; Analysis of Buffer Overflow Attacks http://www.windowsecurity.com/articles/Analysis_of_Buffer_Overflow_Attacks.html; Reliability of Unix and NT utilities http://www.cs.wisc.edu/~bart/fuzz/fuzz.html; Improving the Security of Your Unix System http://the.wiretapped.net/security/info/papers/security/improving-unix-security.pdf |
| Week 5: Security Program Development; security policies; security awareness programs | Chapter 14, 16, 17 | Chapter 8 | ebk2007.pdf |
| Week 6: PKI; Network Security introduction – attacks, security services and mechanisms; Viruses and other Malware; Denial of Service Attacks; Network assessment tools | Chapter 6, 7, 8 | Chapter 7; http://www.informit.com/articles/article.aspx?p=31782 | Firewalls and Internet Security 1st Edition – Chapter 9 Classes of Attacks http://www.wilyhacker.com/1e/chap09.pdf |
| Week 7 – Application Security; IP Security; Risks – sniffing, spoofing; Security over Internet protocols; /etc/services, /etc/inetd.conf, /etc/rc.d; telnet – rlogin – ssh - nfs; ftp – tftp; web; ssl | Chapters 11, 12, 21 | | |
| Week 8 - Wrappers and Proxies; Firewalls; Secure Communication over Insecure Networks – VPNs; Wireless; IDS | Chapter 9 | | Firewalls and Internet Security 1st Edition – Chapter 3 – Firewall Gateways http://www.wilyhacker.com/1e/chap03.pdf |
| Week 9: Audit and Compliance; Regulatory Environment | Chapter 15, 18 | Chapters 10, 11 | |
| Week 10 | | | |
| Week 11 - Final | | | |
Grading Policy
Homeworks 30%
Final 30%
Final Project 25%
Quizzes 15%
Homework
Homework will mainly consist of configuring, running and reporting on security tools, solving security implementation problems in writing plus one final project. There will not be in-depth programming assignments – unless the student chooses a final project involving programming.