CSPP56510 – Information Technology Security

Winter Quarter 2008

Preliminary Syllabus

 

Course Objective

The objective of this course is to provide a basic understanding of Information Technology security – and to build an understanding of the elements that should be in place for an IT environment to achieve an adequate security level.  We will begin with a general overview of IT security and introduce a framework for addressing security needs across an enterprise.  Major security objectives and mechanisms for attaining these objectives will be discussed, including cryptography, authentication systems, Public Key Infrastructure, and platform and network security mechanisms.  This course will give an overview of the technical details involved in the platform and network levels of security.  We will look at common TCP/IP applications and discuss their security vulnerabilities.  The course material will be presented in a framework of understanding business risks and how to address them.

 

Students in this course will use the Unix operating system as a basis of learning host security mechanisms and should have a basic familiarity with Unix as a prerequisite.  Students should also be familiar with TCP/IP networks.  Students will be installing, configuring and running security tools obtained from the Internet as a part of their classwork.

 

Required Texts:                Security in Computing, Fourth Edition, Charles Pfleeger, 2006 Prentice Hall,  0-13-239077-9

Practical Unix & Internet Security, 3^rd Edition, Simson Garfinkel, Alan Schwartz and Gene Spafford, 2003 O’Reillly & Associates, 0596003234, ISBN-13: 978-0596003234

 

Recommended:                Firewalls and Internet Security: Repelling the Wily Hacker, 2nd Edition, William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin, 2003 Addison Wesley Professional.

                                          (Version 1 available online - http://www.wilyhacker.com/1e/ )

 

                                          Network Security: Private Communication in a Public World 2nd Edition, Charlie Kaufman, Radia Perlman, Mike Speciner, 2002 Prentice-Hall

 

                                          Security Engineering, Ross Anderson, 2001 Wiley

 

Much of the course reading material will be assigned from selected web sites.

 

	SIC	Spafford	Other
Week 1 Instructor(s) Introduction Course Objectives   Information Security Overview Objectives of Information Security – confidentiality, integrity, availability Information Security Framework Control elements and layers Describe above elements in terms of the ISF Describe as "road map" to understanding security and this course Risk – definition, Control - definition Security Goals and Mechanisms -          Authentication – Authorization -          User IDs, passwords, groups, privileges, access rules	Chapter 1 http://www.informit.com/articles/article.aspx?p=680830	Chapters 1, 2	CERT Statistics 1988 - 2006 http://www.cert.org/stats/cert_stats.html   Merritt paper on Risk Management http://csrc.nist.gov/nissc/1998/proceedings/paperE5.pdf Security Breaches http://www.privacyrights.org/ar/ChronDataBreaches.htm#CP
Week  2 Encryption *         Symmetric, Asymmetric *         DES, 3-DES, RSA, AES Uses of encryption – PGP	Chapter 2	Chapter 7	Anderson – Security Engineering http://www.cl.cam.ac.uk/~rja14/Papers/SE-05.pdf   Schneier – Security Pitfalls in  Crypto http://www.schneier.com/essay-028.html
Week 3  Review – security mechanisms   Host Security – Linux Authentication - /etc/passwd Authorization - file permissions rwx Umode Groups - /etc/groups Shadow passwords File permissions - s, S, t suid risks Path variable risks Critical files - /etc/hosts, /.rhosts, etc. Change control – Tripwire Logging	Chapter 3, 4   http://www.informit.com/articles/article.aspx?p=31782	Chapters 4, 5, 6,	Stack overflows explained http://packetstormsecurity.org/docs/hack/smashstack.txt   Analysis of Buffer Overflow Attacks http://www.windowsecurity.com/articles/Analysis_of_Buffer_Overflow_Attacks.html   Reliability of Unix and NT utilities http://www.cs.wisc.edu/~bart/fuzz/fuzz.html   Improving the Security of Your Unix System http://the.wiretapped.net/security/info/papers/security/improving-unix-security.pdf
Week 4 Security Program Development             security policies             security awareness programs	Chapter 8	Chapter 3	ebk2007.pdf
Week 5   Authentication Mechanisms *         NIS, NIS+, *         Kerberos Single Sign-on products   PKI
Week 6 PKI Network Security introduction – attacks, security services and mechanisms Viruses and other Malware Denial of Service Attacks, Network assessment tools	Chapter 7 http://www.informit.com/articles/article.aspx?p=31782	Chapter 23, 24 Optional: Chapter 11, Chapter 19	Firewalls and Internet Security 1st Edition – Chapter 9 Classes of Attacks http://www.wilyhacker.com/1e/chap09.pdf
Week 7 – Application Security Forensics – Rick Patterson IP Security Risks – sniffing, spoofing, Security over Internet protocols             /etc/services, /etc/inetd.conf, /etc/rc.d *         telnet – rlogin – ssh - nfs *         ftp – tftp *         web *         ssl		Chapter 12, 14, 15, 16
Week 8  -   Honeynets – Ryan Moore   Wrappers and Proxies Firewalls Secure Communication over Insecure Networks – VPNs Wireless IDS		Chapters 20, 21	Firewalls and Internet Security 1st Edition – Chapter 3 – Firewall Gateways http://www.wilyhacker.com/1e/chap03.pdf
Week 9   Audit and Compliance Regulatory Environment	Chapters 10, 11
Week 10
Week 11 - Final

 

 

Grading Policy

Homeworks                            30%

Final                                        30%

Final Project                           25%

Quizzes                                   15%

 

Homework

Homework will mainly consist of configuring, running and reporting on security tools, solving security implementation problems in writing plus one final project.  There will not be in-depth programming assignments – unless the student chooses a final project involving programming.