MET CS 654 D1 - Network and Software Security -
Spring 2004
(Thursday, Main Campus, SMG 240, 595 Commonwealth Ave, 6:00-9:00 PM)
Textbooks & Resources
CourseInfo Web Page
All course materials will be posted using BU's CourseInfo site. This requires all students to have an account with the BU computer system. Click here for instructions if you require an account.
Course Overview
The course provides an in-depth presentation of security issues in computer networks, systems and applications. Internet and intranet topics include security in IP, routers, proxy servers, and firewalls, application-level gateways, Web servers, file and mail servers. Discussion of remote access issues, such as dial-up servers, modems, VPN gateways and clients. Operating System security covers Unix and Windows OS security model, memory protection, access control and authentication, file system security, backup and recovery management, intrusion and virus protection mechanisms. Application level security focuses on language level security and various security policies; conventional and public keys encryption, authentication, message digest and digital signatures and their implementations with Java APIs.There will be at least six assignments and three in-class exams.
# |
Date |
Lecture |
Notes |
---|---|---|---|
| |||
1 | 1/15 | Language Level Security (Security policies and permissions, access control, secure class loading, security management, Java security architecture) | - |
2 | 1/22 | Cryptographic Elements (encryption, conventional and public key) | - |
3 | 1/29 | Message Digest and digital signature (Implementation with Java APIs) | - |
4 | 2/5 | Key Management (Implementation with Java APIs) | - |
5 | 2/12 | Exam1 (Application Level Security) | - |
| |||
6 | 2/19 | Introduction, Buffer Overflow Vulnerabilities | |
7 | 2/26 | Protection in General Purpose Operating Systems (Access control lists, file protection, authentication, etc.) | - |
8 | 3/4 | Designing Trusted Operating Systems (Security policies, security models, assurance, examples); Unix/Linux Security | - |
9 | 3/18 | Unix/Linux Security (cont), Windows Security | - |
10 | 3/25 | Distributed Systems Security, Exam2 (OS Security) | - |
| |||
11 | 4/1 | Overview of Network Security. Authentication Systems. | |
11 | 4/8 | Security Standards. Kerberos. Public Key Infrastructure. IPsec. SSL/TLS | |
13 | 4/15 | Electronic Mail Security. PEM, S/MIME. PGP | |
14 | 4/22 | Web Security. Firewalls. Network Management Security | |
15 | 4/29 | Exam3(Network Security) | - |
Course Grading
The actual grade will be determined based on the performance in the home works and the three exams.