70 likes | 210 Views
Presented by Prof. Danilo Gligoroski. MSc in Telematics Specialization in Information Security. What is covered by the area of Information Security?. Ubiquitous integrated computing and communication services need services for data security, confidentiality, integrity and availability
E N D
Presented by Prof. Danilo Gligoroski MSc in TelematicsSpecialization in Information Security
What is covered by the area of Information Security? • Ubiquitous integrated computing and communication services need services for data security, confidentiality, integrity and availability • New information threat scenarios appear every month • The number of information security relevant incidents is steadily on the increase • Threats may be active and passive, may be unwanted incidents or may be deliberate abuse, eavesdropping and sabotage • Securing networks • Securing stored data • Secure data processing • Secure transportation of data • How can you be sure that you can securely do business on the Internet? • How can you be sure that nobody is able to empty your bank account? • How does one perform encryption? • Can we protect ourselves against spam and viruses? • Can I send an e-mail to my doctor without having to worry about others possibly reading the content?
Examples of past projects • Zeroday Exploits • Using network security monitoring methodology in a national CERT • Dynamic analysis of malware • Key management for temporary access control • Session-aware web proxy voter • Security of the MPOWER Platform • Fast implementation of cryptographic algorithms on NVIDIA CUDA GPU • A survey of the worldwide and Norwegian job market for Information Security specialists – 2008 • Cryptographic performance testing • Security in process control systems • Building robust PKI from users fingerprints
Examples of past master theses • Cryptanalysis of IEEE 802.11i TKIP • IEEE Standard: P1619.1 Authenticated Encryption • Narrow-Block Encryption • The Knapsack Problem • FPGA realization of a public key block cipher • Realizing Secure Multiparty Computations • Gait Mimicing • Share Computing Protocols over Fields and Rings • Malware Analysis: Frameworks and Tools for Automated Dynamic Analysis of Malware • JavaCards • E-Passport Security: Addressing the Privacy Issues • MQQ-SIG ultra-fast dig. sign. alg. • Practical attacks on RFID systems • Securing Near Field Communication • Design of a secure system of authentication of users using RFID • New trends in Internet attacks: Clickjacking in detail • Regulating Access of the information chain in a wind power system • Security in process control systems • Security in SOA-Based Healthcare Systems • Simulation of new security elements in an Ad-hoc network • TCP latency propagation through intermediary hosts • Tools and Techniques for Resetting or Recovery of Administrator Passwords on Popular Operating Systems • Web Applications Security
Obligatory: TTM4137 - Wireless Network Security • ECTS Credits: 7,5 • Content: • Services, protocols and mechanisms for security of wireless networks and mobile users, e.g. confidentiality and integrity algorithms, key management, authentication servers, security in WLAN, UMTS, Bluetooth and ad-hoc networks. Digital forensics in wirelesss systems. • Course Material: ValtteriNiemi, Kaisa Nyberg: UMTS Security, John Wiley & Sons, 2003. Edney, Arbaugh: Real 802.11 Security, Addison-Wesley 2004. Articles. • Recommended background: TTM4105 Access and Transport Networks, TTM4135 Information security or equivalent. • Teaching method: Lectures, technical essay, laboratory and exercises. Grading based on the portefolio of written final exam (60%), technical essay (20%), and lab report (20%). • Learning Goal: The course will provide knowledge of, and best practice skills for information security technology and methods in distributed systems providing services for mobile users and users of wireless networks.
Obligatory: TTM2 Information Security • ECTS Credits: 3,75 • Content: • Every year different actual topics like: Threat analysis, secure network protocols, principles, methods and tools for intrusion detection, network surveillance, security administration, cryptographic one-way hash functions. • Last year we covered the topic of cryptographic one-way hash functions. • For Fall 2010 we plan to cover one very hot and actual topic: Data Forensics • Course Material: Given at semester start. • Recommended background: TTM4135 Information Security, or equivalent. • Teaching method: Colloquia • Learning Goal: After completion of this unit, the students will have acquired more detailed knowledge about a selected topics within information security.