1 / 24

CSE 651: Introduction to Network Security

CSE 651: Introduction to Network Security. Steve Lai Spring 2010. Syllabus. Instructor: Steve Lai Office: DL 581 Office hours: MWF 2:30-3:30 Email: lai@cse.ohio-state.edu Home page: www.cse.ohio-state.edu/~lai. Text (required). William Stallings Cryptography and Network Security:

loman
Download Presentation

CSE 651: Introduction to Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. CSE 651:Introduction to Network Security Steve Lai Spring 2010

  2. Syllabus • Instructor: Steve Lai • Office: DL 581 • Office hours: MWF 2:30-3:30 • Email: lai@cse.ohio-state.edu • Home page: www.cse.ohio-state.edu/~lai

  3. Text (required) • William Stallings Cryptography and Network Security: Principles & Practice (5th edition) Pearson/Prentice Hall, 2010. • http://www.amazon.com/Cryptography-Network-Security-Principles-Practice/dp/0136097049

  4. Prerequisite • CSE 677 • Some maturity in mathematical reasoning

  5. Content of Course • Will cover the first 17 chapters of Stallings with many sections skipped.

  6. Topics • Introduction (Ch. 1) • Symmetric-key encryption • Classical encryption techniques (Ch. 2) • Block ciphers and data encryption standard (Ch. 3) • Advanced encryption standard (Ch. 5) • Block cipher operation (Ch. 6) • Stream ciphers (Ch. 7) • Public-key cryptography and RSA (Ch. 9)

  7. Topics (cont.) • Cryptographic hash functions (Ch. 11) • Message Authentication (Ch. 12) • Digital Signatures (Ch. 13) • Key management and distribution (Ch. 14) • User authentication protocols (Ch. 15) • Web Security: SSL (Ch 16) • IEEE 802.11 Wireless LAN Security (Ch. 17)

  8. Grading plan • Assignments: 20% • Midterm exam I: 25% (Monday, April 26) • Midterm exam II: 25% (Monday, May 17) • Final exam: 30% (Wed, June 9, 9:30) • Late homework will NOT be accepted.

  9. Three related courses • CSE 551: Introduction to Information Security • CSE 652: Applied Information Security Project • CSE 794Q: Introduction to Cryptography

  10. Introduction CSE 651: Introduction to Network Security

  11. What is Network Security? • Network Security – measures to protect data during their transmission over a network or internet. • Internet Security

  12. Aspects of Network Security • ITU-T Recommendation X.800 “Security Architecture for OSI” describes network security in three aspects: • security attack • security service • security mechanism

  13. Security Attack • Attack: any action that compromises the security of information • Many different types of attacks • Can be generally classified as • Passive attacks • Active attacks

  14. Passive Attacks • Reading contents of messages • Also called eavesdropping • Difficult to detect passive attacks • Defense: to prevent their success

  15. Active Attacks • Modification or creation of messages (by attackers) • Four categories: modification of messages, replay, masquerade, denial of service • Easy to detect but difficult to prevent • Defense: detect attacks and recover from damages

  16. Security Services (Goals) • Data Confidentiality: protecting data from unauthorized disclosure. • Data Integrity: • assuring that data received is as sent (w/o modification) • or detecting its non-integrity.

  17. Authentication: • (from dictionary: the action of confirming someone or something as authentic.) • (Peer) entity authentication: When establishing a logical connection, assure that the other party is as claimed. • Data origin authentication: In a connectionless transfer, assure that the source of received data is as claimed.

  18. Message Authentication • Data origin authentication • Data integrity • Entity Identification • Entity authentication

  19. Non-Repudiation: • Origin non-repudiation: preventing sender from denying that he has sent a message • Destination non-repudiation: preventing receiver from denying that she has received a message

  20. Access Control: preventing unauthorized use of a resource. • Availability:making systems or resources available upon demand by legitimate users.

  21. Security Mechanisms • Means to implement security services: • Encryption • Symmetric-key encryption • Public-key encryption • Key management • Hash functions • Message authentication codes • Digital signatures • Entity authentication protocols

More Related