ECE 478 - Computer and Network Security
Catalog Description: Security principles, models, and attacks. Overview
of cryptography. Building secure systems and security evaluation criteria. Security
in operating systems and computer networks. Management and analysis of security.
Legal and ethical issues in computer security.
Prerequisites:
By course: The course is open to junior and senior undergraduate & graduate
students.
By Topic: Modular arithmetic, Unix and Windows NT operating systems.
Courses that require this as a prerequisite: ECE 575
Credits: 3
Terms Offered: Spring
Instructors:
Primary: C. Koc
Secondary: M. Aydos
Textbooks:
Cryptography and Network Security, W. Stallings, Prentice Hall, Upper Saddle
River, New Jersey, 1999. ISBN: 0-13-869017-0
Reference Textbook:
Computer Security, D. Gollmann, John Wiley & Sons, Chichester, England,
1999. ISBN: 0-471-97844-2
Course Learning Objectives:
Students are expected to demonstrate the ability to:
- Identify computer and network security threats, classify the threats, and
develop a security model to prevent, detect, and recover from the attacks.
(ABET Outcomes: a, c, e, j, k)
- Encrypt and decrypt messages using block ciphers, and sign and verify messages
using well-known signature generation and verification algorithms. (ABET Outcomes:
c, e, k)
- Analyze existing authentication and key agreement protocols and identify the
weaknesses of these protocols. (ABET Outcomes: c, e, k)
- Download and install the e-mail and file security software PGP, and use it
efficiently to encrypt and sign messages. (ABET Outcomes: c, e, k)
- Develop SSL- or firewall-based solutions against security threats, and apply
access control techniques to existing computer platforms such as Unix
and Windows NT. (ABET Outcomes: a, c, e, i, k)
- Write an extensive analysis report on any existing security product or code,
investigating the strong and weak points of the product or code. (ABET Outcomes:
a, e, i, j, k, h)
Topics:
- Security fundamentals, definitions, principles of security, the layered
approach
- Overview of cryptography, encryption, decryption, stream ciphers, block
ciphers, hash functions, message authentication codes, public-key cryptography,
digital signatures
- Identification, authentication, password schemes, spoofing attacks, single
sign-on
- Access control, subjects and objects, access operations, ownership, access
control structures, intermediate controls, the lattice of security levels
- Unix security, login and user accounts, access control, general security
principles, audit logs, intrusion detection, wrappers, installation and configuration
- Program security, malicious software
- Network security, authentication, and key distribution
- Firewalls and Computer System Security
Structure: Three 50-minute lectures per week.
Original: 4/01
Revised: 9/01