Embed Size (px)
Citation preview
Introduction to Information Security
J. H. WangSep. 18, 2012
Instructor
• Instructor– Jenq-Haur Wang (王正豪 )– Assistant Professor, CSIE, NTUT– Office: R1534, Technology Building– E-mail: [email protected]– Homepage: http://www.ntut.edu.tw/~jhwang/ – Tel: ext. 4238– Office Hour: 9:10-12:00am every Tuesday and
Wednesday
Course Overview
• Course: Information Security• Time: 13:10-14:00pm on Tuesdays,
13:10-15:00pm on Wednesdays• Classroom: R527/R427, 6th Teaching
Building• Prerequisite: Discrete Mathematics,
Computer Networks• Course webpage:
http://www.ntut.edu.tw/~jhwang/IS/• TA: H.Y.Wang (R1424, Technology
Building)
Target Students
• For those who– Major in Computer Science or
Information Technology, and– Are familiar with basic computer
networks and discrete mathematics, and– Are preparing to investigate more
details in selected topics and recent developments in information security
Resources
• Textbook: Network Security Essentials: Applications and Standards, 4th ed., by William Stallings, Pearson Education, Inc., 2011. (International Edition, imported by Kai-Fa Publishing)– http://williamstallings.com/NetworkSecurity/ – Online chapters and appendices available
• References: – Cryptography and Network Security: Principles and
Practice, Fifth Edition, by William Stallings, Prentice-Hall, 2011 (from which our textbook is adapted)
– Slides, documents, and tools
Teaching
• Lectures• Homework assignments
– Homework should be turned in within two weeks
• Mid-term exam• Term project: programming exercises
or topical surveys– How do intruders attack our systems– What kinds of security tools are available– How do we protect against attacks
Grading Policy
• (Tentative) grading policy– Homework assignments: 30%– Midterm exam: 30%– Term projects: 40%
• Programming exercises or topical surveys
Course Description
• Introduction to basic concepts in information security and their applications – Cryptography
• Encryption, hash function, digital signature
– Network security applications• HTTPS, wireless security, e-mail security, IP
security
– System security• Intrusion, virus, firewall
Outline & Schedule• Outline
– Introduction– Cryptography (Ch. 2-3)
• Symmetric encryption and message confidentiality• Public-key cryptography and message authentication
– Network security applications (Ch. 4-8)• Key distribution and user authentication• Transport-level security• Wireless network security• Electronic mail security• IP security
– System security (Ch. 9-11)• Intruders• Malicious software• Firewalls
Outline & Schedule (Cont’)
– Online chapters (Ch.12-13)• Network management security• Legal and ethical aspects
Outline & Schedule (Cont’)
• (Tentative) Schedule– Introduction: 1-2 wks– Cryptography: 3-4 wks – Network security applications: 7-8 wks
• TCP/IP• Web, SSH, E-mail, IP security
– System security: 1-2 wks• Intrusion detection, password, virus, firewall
• Due to the time limits, we will try to cover most of the major topics above without going too much into details– E.g.: mathematical parts such as number theory (Appendix
A)– A broad overview, and then focus on selected topics in
depth
Additional Resources
• Review on computer networking and TCP/IP protocols
• Slides on network and information security
• Useful tools for network and system security
• Web resources and recommended reading (at the end of each chapter)
More on Term Project
• Programming exercises using security libraries– Implementation of security algorithms– Implementation of a client-server application for
secured chat room– …
• Topical surveys in information security-related topics, e.g.:– Demonstration on how to use a security tool to
defend against attacks– Comparison of security standards or algorithms– Potential security weakness in systems, and
possible solutions or countermeasures– …
Thanks for Your Attention!
