MET CS 654 D1 - Network and Software Security - Fall
(Thursday, Main Campus, SMG 315, School of Management, 595 Commonwealth Ave, 6:00-9:00 PM)
Textbooks & Resources
All course materials will be posted using BU's WebCT site. This requires all students to have an account with the BU computer system. Click here for instructions if you require an account.
Click http://webct.bu.edu to enter WebCT site for this course.
The course provides an in-depth presentation of security issues in computer networks, systems and applications. Internet and intranet topics include security in IP, routers, proxy servers, and firewalls, application-level gateways, Web servers, file and mail servers. Discussion of remote access issues, such as dial-up servers, modems, VPN gateways and clients. Operating System security covers Unix and Windows OS security model, memory protection, access control and authentication, file system security, backup and recovery management, intrusion and virus protection mechanisms. Application level security focuses on language level security and various security policies; conventional and public keys encryption, authentication, message digest and digital signatures and their implementations with Java APIs.
There will be at least six assignments (including a mandatory laboratory exercise) and two in-class exams.
|1||9/9/2004||Introduction, Buffer Overflow Vulnerabilities|
|2||9/16/2004||Protection in General Purpose Operating Systems (Access control lists, file protection, authentication, etc.)||HW1 Assigned|
|3||9/23/2004||Designing Trusted Operating Systems (Security policies, security models, assurance, examples); Unix/Linux Security||HW1 Due, HW2 Assigned|
|4||9/30/2004||Unix/Linux Security (cont), Windows Security, Distributed Systems Security||HW2 Due|
|5||10/7/2004||Language Level Security||HW3 Assigned|
|1||10/28/2004||Overview of Network Security, Security Threats and Vulnerabilities, Computer Networks Review, Security issues at various network layers|
|2||11/4/2004||Authentication, Overview of Authentication system. Authentication of people: Biometrics|
|3||11/9/2004 (Tues)||Authentication Standards: Kerberos V4 and V5, X.509|
|4||11/18/2004||IPSec: AH and ESP|
|5||12/2/2004||Routing Attacks, Network Instability and Network Management Security||-|
|6||12/9/2004||Firewalls, LAN and WLAN security, Email security, Web Security, Distributed Denial of Service (DdoS), Tracebacks, Network Intrusion Detection Systems (IDS), Examples of attacks|
The actual grade will be determined based on the performance in the home works (50%) and the two exams (50%).