CSE 331 CSE 331: Introduction to Networks and Security Fall 2001 Instructor: Carl A. Gunter Slide Set 1

CSE 331

CSE 331: Introduction to Networks and Security

Fall 2001

Instructor: Carl A. Gunter

Slide Set 1

Personnel

Carl A. Gunter - Lecturer
http://www.cis.upenn.edu/~gunter
Office hour: 3:30 to 4:30 in 370 Moore GRW.

Marc Corliss
[email protected]
www.cis.upenn.edu/~mcorliss
Office hours: 1-2 Tuesday, 4-5 Thursday, location TBD.

Class web page: http://www.cis.upenn.edu/~cse331

Course Pre-Requisites

You would like to understand network and security fundamentals.

You have knowledge of Java programming. You like programming and want to know how to build secure networked systems.

You did not take TCOM 500 and you are not registered for it now.

If you complete TCOM 500, I look forward to seeing you in CIS/TCOM 551 this spring.

Assessment

Meet the Prof. Exams. Projects.

Meet The Prof Requirement

You must come and see the professor during at least one of his office hours before the second exam.

What to talk about: describe a computer-related project you did, are doing now, or plan to do.

How long? About 10-20 minutes.

Exams

Two in-class midterm exams.
Wednesday October 10 from 11:00 to 11:50.
Wednesday November 7 from 11:00 to 11:50.

A 120 minute final exam.
As determined by registrar.

Projects

Assorted programming and essay projects.
Early project: packet analysis.

Some projects will allow teams.
Important rule: team members cannot be “reused”.
It will be wise to know your classmates!

Make-Up Lecture

There will be an extra lecture on Wednesday, December 12. Material in this lecture will not be covered by exams or projects.

Recommended Reading

Computer Networks, A Systems Approach. Second Edition. Larry L. Peterson and Bruce S. Davie. Morgan Kaufmann 2000.

Handbook of Applied Cryptography. Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. CRC 1997.

Secure Electronic Commerce. Warwick Ford and Michael S. Baum. Prentice Hall 1996.

Network Security Essentials: Applications and Standards. William Stallings. Prentice Hall 2000.

Reading for Fun and Profit

Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage. Clifford Stoll. Pocket Books 2000.

Crypto: How the Code Rebels Beat the Government -- Saving Privacy in the Digital Age. Steven Levy. Viking Press 2001.

Cryptonomicon. Neal Stephenson. HarperPerennial Library 2000.

History of Cryptology

The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet. David Kahn. Scribner 1996.

The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography. Simon Singh. Anchor Books 2000.

What is a Network?

Dictionary definition: A group or system of electric components and connecting circuitry designed to function in a specific manner.

Mainframe and terminals

Telephone network

Video cable network

The Four Major Networks

Telephone
Television
Radio
Internet

Computer networks

Computer networks are built mainly from general-purpose programmable hardware.

They support an extensible class of applications.

We will focus on networks consisting of hosts, which provide programmability, physical networks, which support direct communication, and network elements, which support communication between networks.

Computer network

Applications

Electronic mail
File transfer and remote terminals
World-wide web (WWW)
Telephony (IP and POTS)
Document facsimile (FAX)
Network video (NV)

What Is Security?

Dictionary definition: protection or defense against attack, interference, espionage, etc.

System Vs. Environment (Safety)

[Diagram: Environment and System]

System Vs. Environment (Security)

[Diagram: System and Environment]

Goals of Security

[Diagram: DATA shown three times, labelled Integrity, Availability and Confidentiality]

Access Matrix

Principals (rows) and Objects (columns)

          A     B     C     D
Fred      R     R/W   0     R
Joe       R/W   0     R     R
Bow-Yaw   R     0     0     R/W
Sarah     0     R     R/W   R/W

Denial of Service

Principals (rows) and Objects (columns)

          A     B     C     D
Fred      R     R/W   0     R
Joe       R/W   0     R     R
Bow-Yaw   R     0     0     R/W
Sarah     0     R     R/W   R/W

Additional entry shown on the slide: 0

Breach of Confidentiality

Principals (rows) and Objects (columns)

          A     B     C     D
Fred      R     R/W   0     R
Joe       R/W   0     R     R
Bow-Yaw   R     0     0     R/W
Sarah     0     R     R/W   R/W

Additional entry shown on the slide: R

Breach of Integrity

Principals (rows) and Objects (columns)

          A     B     C     D
Fred      R     R/W   0     R
Joe       R/W   0     R     R
Bow-Yaw   R     0     0     R/W
Sarah     0     R     R/W   R/W

Additional entry shown on the slide: W
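
The three breach slides can be read as deviations between the access matrix (the policy) and what a system actually allows: a granted right that is lost, a read that was never granted, a write that was never granted. The sketch below is an added example, not part of the original slides. It assumes rows are principals, columns are objects A-D and "0" means no access, and the altered cells are constructed for illustration because the slides do not say which cell changes.

```python
# Policy transcribed from the "Access Matrix" slide.
# Assumption: rows = principals, columns = objects A-D, "0" = no access.
OBJECTS = ["A", "B", "C", "D"]
POLICY_ROWS = {
    "Fred":    ["R", "R/W", "0", "R"],
    "Joe":     ["R/W", "0", "R", "R"],
    "Bow-Yaw": ["R", "0", "0", "R/W"],
    "Sarah":   ["0", "R", "R/W", "R/W"],
}

def rights(cell):
    """Turn a cell such as 'R/W' or '0' into a set of rights."""
    return set() if cell == "0" else set(cell.split("/"))

def to_matrix(rows):
    """Map (principal, object) -> set of rights."""
    return {(p, o): rights(c)
            for p, cells in rows.items()
            for o, c in zip(OBJECTS, cells)}

POLICY = to_matrix(POLICY_ROWS)

def classify(policy, effective):
    """Compare granted rights with the rights the system actually allows.

    right granted but not usable -> denial of service (availability)
    R usable but not granted     -> breach of confidentiality
    W usable but not granted     -> breach of integrity
    """
    findings = []
    for key in sorted(set(policy) | set(effective)):
        allowed = policy.get(key, set())
        actual = effective.get(key, set())
        for r in sorted(allowed - actual):
            findings.append((key[0], key[1], r, "denial of service"))
        for r in sorted(actual - allowed):
            kind = "breach of confidentiality" if r == "R" else "breach of integrity"
            findings.append((key[0], key[1], r, kind))
    return findings

def constructed_effective():
    """Constructed deviations; the cells are chosen here, not taken from the slides."""
    eff = {k: set(v) for k, v in POLICY.items()}
    eff[("Fred", "A")] = set()        # Fred loses the read on A that policy grants
    eff[("Sarah", "A")] = {"R"}       # Sarah can read A although policy says 0
    eff[("Joe", "C")] = {"R", "W"}    # Joe can write C although policy says R
    return eff

if __name__ == "__main__":
    for finding in classify(POLICY, constructed_effective()):
        print(finding)
```
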

Overlapping Goals

[Diagram: overlapping regions for Availability, Integrity and Confidentiality, with the labels "Loss of Confidence", "Difficulty of use and poor performance" and "Ability to Corrupt"]

Networks and Security

Early views of computer security were mainly motivated by time sharing. Protect a user’s files and processes.

Security concerns extended to electronic commerce with EDI (Electronic Data Interchange) over VANs (Value Added Networks). Proper transaction processing.

Concerns are now focused on security over the public Internet and wireless devices.

Internet Security Concerns

Confidentiality of transmitted data, such as passwords and credit card numbers.

Integrity of network information, such as routing tables and DNS bindings.

Authentication of users who have contact only via the Internet.

Thwarting Denial of Service (DoS) attacks.

Aiding security of host systems using firewalls, etc.

Aim of This Course

Teach networking basics, mainly as they are relevant to security. (Reduced emphasis on performance.)

Teach security basics, mainly as they apply to the Internet.