Post on 11-Jan-2016
CSE 331
CSE 331: Introduction to Networks and Security
Fall 2001Instructor: Carl A. Gunter
Slide Set 1
Personnel
Carl A. Gunter - Lecturer http://www.cis.upenn.edu/~gunter Office hour: 3:30 to 4:30 in 370 Moore GRW.
Marc Corliss mcorliss@cis.upenn.edu www.cis.upenn.edu/~mcorliss Office hours: 1-2 Tuesday, 4-5 Thursday,
location TBD. Class web page
http://www.cis.upenn.edu/~cse331
Course Pre-Requisites
You would like to understand network and security fundamentals.
You have knowledge of Java programming. You like programming and want to know how to build secure networked systems.
You did not take TCOM 500 and you are not registered for it now.
If you complete TCOM 500, I look forward to seeing you in CIS/TCOM 551 this spring.
Assessment
Meet the Prof. Exams. Projects.
Meet The Prof Requirement
You must come and see the professor during at least one of his office hours before the second exam.
What to talk about: describe a computer-related project you did, are doing now, or plan to do.
How long? About 10-20 minutes.
Exams
Two in-class midterm exams. Wednesday October 10 from 11:00 to
11:50. Wednesday November 7 from 11:00 to
11:50 A 120 minute final exam.
As determined by registrar.
Projects
Assorted programming and essay projects. Early project: packet analysis.
Some projects will allow teams. Important rule: team members
cannot be “reused”. It will be wise to know your
classmates!
Make-Up Lecture
There will be an extra lecture on Wednesday, December 12. Material in this lecture will not be covered by exams or projects.
Recommended Reading
Computer Networks, A Systems Approach. Second Edition. Larry L. Peterson and Bruce S. Davie. Morgan Kaufmann 2000.
Handbook of Applied Cryptography. Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. CRC 1997.
Secure Electronic Commerce. Warwick Ford and Michael S. Baum. Prentice Hall 1996.
Network Security Essentials: Applications and Standards. William Stallings. Prentice Hall 2000.
Reading for Fun and Profit
Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage. Clifford Stoll. Pocket Books 2000.
Crypto : How the Code Rebels Beat the Government -- Saving Privacy in the Digital Age. Steven Levy. Viking Press 2001.
Cryptonomicon. Neal Stephenson. Harperperennial Library 2000.
History of Cryptology
The Codebreakers; The Comprehensive History of Secret Communication from Ancient Times to the Internet. David Kahn. Scribner 1996.
The Code Book : The Science of Secrecy from Ancient Egypt to Quantum Cryptography. Simon Singh. Anchor Books 2000.
What is a Network?
Dictionary definition: A group or system of electric components and connecting circuitry designed to function in a specific manner.
Mainframe and terminals
Telephone network
Video cable network
The Four Major Networks
Telephone Television Radio Internet
Computer networks
Computer networks are built mainly from general-purpose programmable hardware.
They support an extensible class of applications.
We will focus on networks consisting of hosts, which provide programmability, physical networks, which support direct
communication, and network elements, which support
communication between networks
Computer network
Applications
Electronic mail File transfer and remote terminals World-wide web (WWW) Telephony (IP and POTS) Document facsimile (FAX) Network video (NV)
What Is Security?
Dictionary definition: protection or defense against attack, interference, espionage, etc.
System Vs. Environment (Safety)
Environment
System
System Vs. Environment (Security)
System
Environment
Goals of Security
DATA
Integrity
DATA
Availability
DATA
Confidentiality
Access Matrix
Principals
Objects
R R/W 0 R
R/W 0 R R
R 0 0 R/W
0 R R/W R/W
A B C D
Fred
Joe
Bow-Yaw
Sarah
Denial of Service
Principals
Objects
R R/W 0 R
R/W 0 R R
R 0 0 R/W
0 R R/W R/W
A B C D
Fred
Joe
Bow-Yaw
Sarah
0
Breach of Confidentiality
Principals
Objects
R R/W 0 R
R/W 0 R R
R 0 0 R/W
0 R R/W R/W
A B C D
Fred
Joe
Bow-Yaw
Sarah
R
Breach of Integrity
Principals
Objects
R R/W 0 R
R/W 0 R R
R 0 0 R/W
0 R R/W R/W
A B C D
Fred
Joe
Bow-Yaw
Sarah
W
Overlapping GoalsAvailability
Integrity Confidentiality
Loss ofConfidence
Difficulty ofuse and poorperformance
Ability to Corrupt
Networks and Security
Early views of computer security were mainly motivated by time sharing. Protect a user’s files and processes.
Security concerns extended to electronic commerce with EDI (Electronic Data Interchange) over VANs (Value Added Networks). Proper transaction processing.
Concerns are now focused on security over the public Internet and wireless devices.
Internet Security Concerns
Confidentiality of transmitted data, such as passwords and credit card numbers.
Integrity of network information, such as routing tables and DNS bindings.
Authentication of users who have contact only via the Internet.
Thwarting Denial of Service (DoS) attacks. Aiding security of host systems using
firewalls, etc.
Aim of This Course
Teach networking basics, mainly as they are relevant to security. (Reduced emphasis on performance.)
Teach security basics, mainly as they apply to the Internet.