Course Length:

20 hours over 10 weeks (1 two-hour meeting per week)

Course Description:

Distributed system security. Protocols for secure communication. Describing and analyzing attacks on networks. Methods to analyze event-sequences, detect intrusion, and prevent attacks based upon formal network models and security requirements. Software decoys. Authentication, certification, and key management. CORBA security. Kerberos. Security for network layers, including the TCP/IP protocol, ATM, private virtual networks, and firewalls. Internetworking and internet protocols. Privacy and proof of delivery issues for e-mail service, PEM (privacy enhanced mail), and PGP (pretty good privacy). Current trends in mobile IP, mobile databases, and data management, protocols, and security for wireless communication. Prerequisite: COEN 250.

Course Learning Objective:

Awareness of basics of information security, including threats, vulnerabilities, countermeasures. Awareness of automated information systems. Understanding of security planning, risk management, systems life cycle management, personnel security practices and procedures, software security, network security, auditing, monitoring, cryptosecurity, key management, transmission security, and TEMPEST security.

Major Topics:

Security for distributed systems, including networks. Authentication, certification, and key management. Technologies for protecting information, files, data, and privacy. Software security, cryptosecurity, key management, transmission security, and TEMPEST security.

Method of Instruction:

Lecture, assignments, projects

Evaluation Methods:

Tests, assignments, projects