This course will provide students with a basic appreciation and understanding of the underlying security issues and implications of the use of various networked systems and electronic devices. Topics to be covered include overview of information systems and devices in a global network environment; introduction to cybercrimes and security issues; threats to information systems and devices; concepts for confidentiality, integrity and availability; security solutions and technologies; web security and electronic payment models; encryption algorithms.
- 50.005 Computer System Engineering and 50.012 Networks; or
- A working knowledge of programming in Python and a strong foundation in computer systems and Networks (HTTP, TCP/IP, ARP, DNS)
- List basic security solutions and models; explain concepts for confidentiality, integrity and availability.
- Apply protocols used for key establishment, network encryption, and authentication to secure a system.
- Classify and describe common attacks and countermeasures for host, network and web security.
- Apply known attacks to vulnerable cryptographic primitives.
- Model, analyze, and apply cryptographic primitives used for encryption, secure hashing, and digital signatures.
- Design security solutions to achieve specific security goals in a system.
- Evaluate the security of existing networked systems.
By the end of the course, students will be able to:
- Description of the fundamental concepts of security.
- Application of TLS to establish an authenticated secure connection.
- Critical assessment and summary of real-world attacks.
- Demonstration of known security vulnerabilities related to incorrect use of One-time-pads and block ciphers in Electronic-Codebook mode.
- Design and implementation of a scheme for preimage recovery of hashes through brute force and hybrid attacks.
- Application of substitution ciphers, One-time-pads, and AES to preserve the confidentiality of secret data.
- Analysis of potential attacks on schemes for secure authentication and digital signatures.
- Development of security requirements for a networked system.
- Design and analysis of a secure system using common security technologies.
- Practical security assessment of a provided networked system.
Students will be assessed on class participation, homework, lab assignments, projects and exams.