| |
|
Introduction and Basics
- Course introduction (syllabus, policies, and projects)
- An overview of information
security: confidentiality, integrity, and availability
Symmetric Cryptography
- Classical ciphers
- One-time Pad, Stream Ciphers
- Block Ciphers, Modes of using block
ciphers.
- Message Integrity: cryptographic
hash functions, Message Authentication Codes (MAC)
Operating Systems Security
- Authentication, access control, and audit
- Unix Security Basics
Software Security
- Software vulnerabilities: buffer overflow, format string bugs, integer overflow, race
conditions, etc.
- Secure programming
Access Control
- Unix access control in depth: setuid,chroot, DTE, POSIX
capabilities, securelevel, sandboxing
- Mandatory Access Control
- Bell-LaPadula model, Trusted Operating Systems
- Integrity protection
- Role-Based Access Control
Malware and defenses
- Viruses, worms, rootkits, botnets
- Defense mechanisms
Public key cryptography
- One-time Pad, Stream Ciphers, Block Ciphers, Modes of using block
ciphers.
- Public-key encryption algorithms
-
Message Integrity: cryptographic
hash functions, Message Authentication Codes (MAC)
-
Digital Signatures
-
Authentication & Key Establishment Protocols
-
How to use cryptography correctly
Network Security
- TCP/IP and DNS security issues
- TLS/SSL
- Firewalls
- Intrusion detection systems
|