Information Security and Computer Systems: An Integrated Approach Mark A. Holliday and Bill Kreahling, Dept of Mathematics and Computer Science Western.

Presentation transcript:

Information Security and Computer Systems: An Integrated Approach Mark A. Holliday and Bill Kreahling, Dept of Mathematics and Computer Science Western Carolina University InfoSecCD 2006 Kennesaw, GA 23 September 2006

Acknowledgements
Thank you for financial support from
- Software Producibility, Office of Naval Research, Award #N ,

Overview
- Motivations for Change
- Guidelines: ACM, IEEE-CS, ABET-CAC
- New Curriculum Framework
- Initial Information Security Option
- Final Information Security Option
- InfoSec I and Internet Protocols
- InfoSec II and Operating Systems
- Conclusions

Motivations for Change
- Issue: How to create a prominent role for Information Security in
  – a B.S. in Computer Science curriculum
  – consistent with ACM/IEEE-CS/ABET-CAC guidelines
  – a small computer science program
  – a way that shows the close connection to computer systems
- Result: One Design and Rationale

Motivations for Change: Why?
- Information security is of increasing importance
- Want to reinforce the computer systems courses and the information security courses by showing their interconnections
  – Goal is technical insight, not technical skill per se
- Want to provide the students more choices
  – in a way that organizes those choices into coherent themes

Motivations for Change
- Additional constraints
  – Must be consistent with curriculum guidelines for a B.S. in Computer Science degree
  – Must be feasible for a small computer science program (70 majors; graduates per year)
- We present one design and its rationale that meets these constraints

Guidelines: ACM, IEEE-CS, ABET-CAC
- 2001 ACM/IEEE Computer Society Curriculum Guidelines for Computer Science
  – Encourages a small core combined with options
  – Body of Knowledge (BoK)
  – Subset of BoK that should be in any computer science curriculum

Guidelines: ACM, IEEE-CS, ABET-CAC
- ABET-CAC (Computing Accreditation Commission) Accreditation Criteria
  – “IV-6. The core materials must provide basic coverage of algorithms, data structures, software design, concepts of programming languages, and computer organization and architecture.”

New Curriculum Framework: The Options
- How many courses and how many prerequisites?
- Ideal
  – Many courses in an option to cover the area well
  – Student must have completed all of the courses in the core (with at least a grade of C)

New Curriculum Framework: The Options
- Reality
  – Degree needs to be 120 credit hours
  – 54 credit hours of Liberal Studies and General Electives
  – Student must be able to graduate in four years (assuming satisfactory progress)
  – 2+2: Transfer students with an A.S. degree should be able to graduate in two years

New Curriculum Framework: The Options
- Compromise
  – Major has 40 hours of CS courses and 31 hours of Mathematics and Sciences
  – CS Core is 25 hours
  – Options are 15 hours (5 courses of 3 credit hours)
  – Option courses have as prerequisites
    - second programming course (our CS2, locally CS151)
    - our intro to computer systems course (for most option courses)

New Curriculum Framework: The Options
- Three Options:
  – Computer Systems
  – Information Security
  – Custom
- All options allow at least one free choice
  – Recall goal of more student choices => at most four required courses in an option

Initial Information Security Option
- Two key computer systems courses
  – Operating Systems and Internet Protocols
- Pair each with an information security course that covers the corresponding security issues
  – Operating Systems => Computer Security
  – Internet Protocols => Internet Security
- The two pairs are independent

Final Information Security Option
- Independence does not work because so many topics build on cryptography and its security uses
- Solution:
  – Order them with new names Information Security I and II
- Internet Protocols co-req first
  – Since cryptographic applications are more naturally developed for internet security

InfoSec I and Internet Protocols: Example Cross-Connections
- InfoSec I: authentication and example attacks
- Internet Protocols: TCP connection establishment handshake
  – 3-way, random start sequence numbers, including random start sequence number for the other side

InfoSec I and Internet Protocols: Example Cross-Connections
- InfoSec I: message integrity and non-repudiation => Digital signatures and message digests => Hash functions
- Internet Protocols: hash functions for error detection
  – Checksums in UDP, TCP, and IP
  – Cyclic Redundancy Check in Ethernet
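The cross-connection on this slide, worked as an added example (not part of the original presentation): the RFC 1071 Internet checksum used by IP, UDP and TCP catches a random bit error but is unchanged when 16-bit words are reordered, while a message digest (SHA-256 here) changes. The sample message and helper names are constructed for illustration.

```python
import hashlib

def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by IP, UDP and TCP (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:                       # fold carries into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def sha256_digest(data: bytes) -> str:
    """Cryptographic message digest of the same bytes."""
    return hashlib.sha256(data).hexdigest()

def swap_words(data: bytes, i: int, j: int) -> bytes:
    """Exchange the 16-bit words at word indexes i and j."""
    words = [data[k:k + 2] for k in range(0, len(data), 2)]
    words[i], words[j] = words[j], words[i]
    return b"".join(words)

def flip_bit(data: bytes, bit: int) -> bytes:
    """Simulate a single-bit transmission error."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

# Constructed sample message (not from the slides)
ORIGINAL = b"PAY 10 TO BOB 99"
REORDERED = swap_words(ORIGINAL, 2, 7)       # b"PAY 99 TO BOB 10"
NOISY = flip_bit(ORIGINAL, 37)               # accidental one-bit error

if __name__ == "__main__":
    for name, msg in [("original", ORIGINAL), ("reordered", REORDERED),
                      ("bit flip", NOISY)]:
        print(f"{name:10} {msg!r:24} cksum={internet_checksum(msg):#06x} "
              f"sha256={sha256_digest(msg)[:16]}")
```

The checksum is an error-detection code only; integrity against deliberate modification needs the digest combined with a key or signature, which is the InfoSec I side of the pairing.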

InfoSec I and Internet Protocols: Example Cross-Connections
- InfoSec I: trusted intermediaries, key distribution, and certification
- Internet Protocols: development of IPC (Inter-Process Communication)
  – Sockets
  – Remote Procedure Call/Remote Method Invoc.
  – Web services
  – Grid computing (Globus, SimpleCA certificate authority)

InfoSec I and Internet Protocols: Example Cross-Connections
- InfoSec I: firewalls and packet filtering rules
- Internet Protocols: IP routing tables and key packet header fields
  – IP addresses
  – UDP/TCP source and destination ports
  – ICMP message type
  – Other TCP header bits: SYN and ACK

InfoSec II and Operating Systems: Example Cross-Connections
- InfoSec II: process address space vulnerabilities
- Operating Systems: segment protection (read-only versus read-write), stack overflow, memory management protection features (segmentation faults during address translation)

InfoSec II and Operating Systems: Example Cross-Connections
- InfoSec II: program vulnerabilities, buffer overflows and software reverse engineering
- Operating Systems: assembly language, code analysis, automatic bounds checking

InfoSec II and Operating Systems: Example Cross-Connections
- InfoSec II: system vulnerabilities
- Operating Systems:
  – trapping to the kernel (PSW and Interrupt Vector Table) and changing from user mode to kernel mode (not allowed machine instructions)
  – access control, file permission modes, setuid bit

Conclusions
- Issue: How to create a prominent role for Information Security in
  – a B.S. in Computer Science curriculum
  – consistent with ACM/IEEE-CS/ABET-CAC guidelines
  – a small computer science program
  – in a way that shows the close connection to computer systems
- Result: One Design and Rationale