Top Banner

Click here to load reader

of 76

An Overview Muhammad Najmul Islam Farooqui Assistant Professor Department of Computer Engineering 1

Dec 26, 2015



  • Slide 1
  • An Overview Muhammad Najmul Islam Farooqui Assistant Professor Department of Computer Engineering 1
  • Slide 2
  • Muhammad Najmul Islam Farooqui (B) Ms. Roohi Kamal(A) Mr. Muhammad Naseem (C) Mr. Hisham Naeem (DE) Mr. Noman Ali Khan (F) 2
  • Slide 3
  • 3 TheoryPractical 3/41/4 Mid Term Exam Labs Theoretical aspects of the course Practical approach to the course
  • Slide 4
  • 4 Marks Distribution Total 100 points LecturesLabs Course WorkExams Weekly LabsAttendance Assign.QuizzesMid TermFinal Lab1, Lab 2 Lab n 8020 575 146 231560
  • Slide 5
  • Course Coverage 5
  • Slide 6
  • 6 WeekTopics CoveredStudy Ref. 1. Introduction, General discussion about course contents, Historical Review of Computer Security, Threats and attacks to Data Security, A Generic Model of Network Security Pg # 31-54 2. What is Cryptography & Cryptanalysis, Concepts of Cryptographic Algorithm, Conventional Cryptographic techniques, Substitution and Transposition, Cryptanalysis Techniques Pg # 55-89 3. Introduction to S-DES, Overview and Mechanism of Encryption in DES, DES Design Principles Pg # 90-124 4. Triple Data Encryption Standard (3-DES), Modes of Operations of Symmetric Key Algorithms, International Data Encryption Algorithm (IDEA) Pg # 217-241, IDEA Handout 5. Raijndael Algorithm (The Finalist of AES), Simplified AES, Mechanism of Encryption in AES Pg # 171-214 6. Key Exchange Problem, Key Exchange Approaches using Symmetric Key algorithm and Need for Public Key Cryptography Pg # 435- 453 7. Number Theory, Modular Arithmetic, Eulers Function and Public Key Cryptography, Diffie-Hellman Key Exchange Algorithm Pg # 267-275, 324- 332 8. Introduction to RSA, Key Generation and Encryption, Examples, RSA Applications in Network Security Pg # 290-331
  • Slide 7
  • Course Coverage 7
  • Slide 8
  • 8 9. Authentication Functions, Hash Function and its properties, Secure Hashing Algorithm (SHA), Pg #351-376, 386-399 10. Digital Signature and Authentication Requirements, Message Authentication Code, Introduction to Digital Signatures, RSA Approach, Digital Signature Standard (DSS) and its proof Pg # 419-430 11. Email Security Standards, PGP Certificate and Algorithms, Introduction to Trust Models Pg # 591- 599, 636-638 12. Introduction to IPSec, IPSec Security Model, IPSec modes and protocols, IPSec Technologies Pg # 639-662 13. Introduction to VPNs, VPN Features, Protocols used in VPNs, L2TP, PPTP Lecture Notes 14. Introduction & History of SSL, SSL in Client-Server Architecture, Transport Layer Security Pg # 509-543 15. Introduction to Firewalls, Components of Firewalls, Types of Firewalls, Lecture Notes, Online Chapter 16. Architecture and Policies in Intrusion Detection Systems, Introduction to Viruses, and Trojans Lecture Notes, Online Chapter Final Examination
  • Slide 9
  • Text Book Reference Books Specific to the course General to the topic Internet Sources 9
  • Slide 10
  • Cryptography and Network Security: Principles & Practice (Fifth Edition) By William Stallings Prentice Hall Publication 10
  • Slide 11
  • Specific to the Course Handbook of Cryptography By Alfred J. Menezese, Paul C. van Orchi Network Security Essentials, 2 nd Edition William Stallings, Prentice Hall, 2003 Web Security: A step-by-step Reference Guide By Lincoln D. Stein Addison Wesley Publication Internet Security Protocols: Protecting IP Traffic (Low Price Edition) By Uyless Black Pearson Education Asia Publication General to the Topic Active Defense: A Comprehensive Guide to Network Security By Chris Brenton & Cameron Hunt 11
  • Slide 12
  • security-lecture/ security-lecture/ 12
  • Slide 13
  • Online Access Soft Copy Hard Copy Will not be provided 13
  • Slide 14
  • Strictly practice your attendance in the class and labs. No relaxation, compensation or adjustment in your attendance. Be in Uniform (at least in the class) Preserve the sanity of the class, teachers, department and the University. Help us in serving you for a better future. 14
  • Slide 15
  • The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) is called Computer Security. 15
  • Slide 16
  • 16 Computer security is a heady concoction of science, technology, and engineering. A secure system is only as strong as the weakest link, so each part of the mix needs to be good.
  • Slide 17
  • Security The protection of assets. Computer Security Focuses on protecting assets within computer systems. Just as real-world physical security systems vary in their security provision (e.g., a building may be secure against certain kinds of attack, but not all), so computer security systems provide different kinds and amounts of security. 17
  • Slide 18
  • For some Computer Security is controlling access to hardware, software and data of a computerized system. A large measure of computer security is simply keeping the computer system's information secure. In broader terms, computer security can be thought of as the protection of the computer and its resources against accidental or intentional disclosure of confidential data, unlawful modification of data or programs, the destruction of data, software or hardware. Computer security also includes the denial of use of ones computer facilities for criminal activities including computer related fraud and blackmail. Finally, computer security involves the elimination of weaknesses or vulnerabilities that might be exploited to cause loss or harm. 18
  • Slide 19
  • Why the need for Computer Security? The value of computer assets and services What is the new IT environment? Networks and distributed applications/services Electronic Commerce (E-commerce, E-business) 19
  • Slide 20
  • Most companies use electronic information extensively to support their daily business processes. Data is stored on customers, products, contracts, financial results, accounting etc. If this electronic information were to become available to competitors or to become corrupted, false or disappear, what would happen? What would the consequences be? Could the business still function? 20
  • Slide 21
  • The network is the computer Proliferation of networks has increased security risks much more. Sharing of resources increases complexity of system. Unknown perimeter (linked networks), unknown path. Many points of attack. Computer security has to find answers to network security problems. Hence today the field is called Computer and Network Security. 21
  • Slide 22
  • 22
  • Slide 23
  • Computer fraud in the U.S. alone exceeds $3 billion each year. Less than 1% of all computer fraud cases are detected over 90% of all computer crime goes unreported. Although no one is sure how much is lost to EFT crime annually, the consensus is that the losses run in the billions of dollars. Yet few in the financial community are paying any heed. Average computer bank theft amounts to $1.5 million. 23
  • Slide 24
  • 24
  • Slide 25
  • 25
  • Slide 26
  • Millions of dollars of damage resulted from the 1989 San Francisco earthquake. The fire at Subang International Airport knocked out the computers controlling the flight display system. A post office near the Computer Room was also affected by the soot which decommissioned the post office counter terminals. According to the caretaker, the computers were not burnt but crashed because soot entered the hard disks. Fire, Earthquakes, Floods, Electrical hazards, etc. How to prevent? 26
  • Slide 27
  • Secrecy Integrity Availability Authenticity Non-repudiation Access control 27
  • Slide 28
  • Secrecy requires that the information in a computer system only be accessible for reading by authorized parties. This type of access includes: Printing Displaying Other forms of disclosure, including simply revealing the existing of an object 28
  • Slide 29
  • Integrity requires that the computer system asset can be modified only by authorized parties. Modification includes: Writing Changing Changing status Deleting and Creating 29
  • Slide 30
  • Availability requires that computer system assets are available to authorized parties. Availability is a requirement intended to assure that systems work promptly and service is not denied to authorized users. 30
  • Slide 31