SDSU CS 574 - Computer Security
Outline
This is only a guide to the topics to be discussed. Order and content
will vary from semester to semester, depending on current events,
travel schedules and guest lecturers, and whims of the instructor.
This is a computer science class, providing a thorough introduction to
the topic. It is not a "hacking" or "how to configure your firewall"
class. The emphasis is on the underlying theory and actual
technologies used to solve real-world computer security problems.
Introduction
- historical perspective
- goals, threats and technologies
- threats
- military and private sector views - requirements/desire vs. cost
- structure of security - privacy, integrity, authorization, authentication
- clue curve - hacker vs sysadmin
- threat pyramid
- security as a process, not a "state"
- evolution to "risk management"
Physical Security
- physical threats
- natural disasters - flood, fire, fire-suppression systems, power disruption, temperature control failure
- vandals - destruction or theft of HW, media, etc.
- unauthorized access - using isolated terminals, taps, JFK/SABRE
- General principles
- contingency planning
- backups
- recovery sites - cold/hot
- disposal of media
- Physical access control
- locks, monitors, badges, human guards
- TEMPEST technology
- emanation control
- details still classified
- the long printer cable
- video monitoring
- shielding vs. "dirty" - Pentagon "mutually dirty"
Crypto Background and Basics
- General principles
- Transposition ciphers
- substitution ciphers
- Vernam cipher (one-time pad)
- random cipher model
- unicity distance
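A worked example for the Vernam cipher and the unicity distance, added here as illustration (it is not course material from the page). The messages and the fixed key are constructed so the run is reproducible; a real one-time pad key must come from a true random source and be used exactly once. The unicity figures use the usual textbook constants (26-letter alphabet, true rate of English taken as 1.5 bits/letter).

```python
import math

# Constructed sample inputs for this example only.
P1 = b"ATTACK AT DAWN"
P2 = b"RETREAT NORTH!"   # same length as P1, used for the key-reuse demo
KEY = bytes.fromhex("8f3a1c55e2b7d90046ac7e1f3b5d")   # 14 bytes, fixed here only for reproducibility


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def vernam_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """Vernam (one-time pad): ciphertext = plaintext XOR key.
    The key must be at least as long as the message; perfect secrecy also
    needs it to be uniformly random and never reused."""
    if len(key) < len(plaintext):
        raise ValueError("key shorter than plaintext: not a one-time pad")
    return xor_bytes(plaintext, key[:len(plaintext)])


vernam_decrypt = vernam_encrypt   # XOR is its own inverse


def key_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two messages under the same pad: c1 XOR c2 == p1 XOR p2. The key
    cancels, and the attacker learns the XOR of the plaintexts without
    ever seeing the key (the 'two-time pad' failure)."""
    return xor_bytes(c1, c2)


def unicity_distance(key_entropy_bits: float, alphabet_size: int = 26,
                     true_rate: float = 1.5) -> float:
    """Shannon's unicity distance U = H(K) / D, where D = R - r is the
    redundancy per character: R = log2(alphabet size) is the absolute rate
    and r the true rate of the language (~1.5 bits/letter for English).
    Under the random cipher model, after about U characters of ciphertext
    only the correct key is expected to survive."""
    redundancy = math.log2(alphabet_size) - true_rate
    return key_entropy_bits / redundancy


def substitution_key_entropy(alphabet_size: int = 26) -> float:
    """A monoalphabetic substitution key is one of 26! permutations."""
    return math.log2(math.factorial(alphabet_size))


def one_time_pad_unicity(message_length: int, alphabet_size: int = 26,
                         true_rate: float = 1.5) -> float:
    """For a one-time pad the key is as long as the message, so H(K) grows
    with the message length and U always exceeds the ciphertext length:
    no amount of ciphertext pins down the key."""
    key_entropy = message_length * math.log2(alphabet_size)
    return unicity_distance(key_entropy, alphabet_size, true_rate)
```

For a simple substitution cipher the function gives U of roughly 28 letters (about 88 bits of key entropy divided by about 3.2 bits of redundancy per letter), which is why short monoalphabetic ciphertexts are breakable; for the one-time pad the same formula never "closes", which is the unicity-distance view of its perfect secrecy.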
Symmetric Encryption Algorithms
- "difficulty", "hard", "NP-complete" problems
- DES
- AES http://csrc.nist.gov/encryption/aes/
- Clipper/Skipjack
Asymmetric Encryption Algorithms
- public-key cryptosystems
- knapsack ciphers
- RSA
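A textbook RSA example, added here as illustration rather than taken from the course page. It uses the small primes p = 61, q = 53 so that every step (key generation, encryption, decryption) can be checked by hand, and then shows two things a practitioner should take from the "difficulty" discussion above: with a modulus this small the private key falls out of trial-division factoring in milliseconds, and unpadded RSA is multiplicatively malleable, which is why real deployments use OAEP or PSS padding.

```python
import math


def rsa_keygen(p: int, q: int, e: int):
    """Textbook RSA key generation from primes p, q and public exponent e.
    Returns ((n, e), (n, d)) where d is the inverse of e modulo phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(public_key, m: int) -> int:
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(private_key, c: int) -> int:
    n, d = private_key
    return pow(c, d, n)


def break_small_rsa(public_key) -> int:
    """Recover d from (n, e) by trial-division factoring of n. This is the
    'hard problem' RSA rests on; it is feasible here only because n is tiny."""
    n, e = public_key
    for p in range(2, math.isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("n has no non-trivial factor; not a valid RSA modulus")


def is_multiplicatively_malleable(public_key, m1: int, m2: int) -> bool:
    """Unpadded RSA satisfies E(m1) * E(m2) mod n == E(m1 * m2 mod n), so an
    attacker can combine or scale ciphertexts without the key. Padding
    schemes (RSA-OAEP for encryption, RSA-PSS for signatures) exist to
    destroy this structure."""
    n, _ = public_key
    lhs = (rsa_encrypt(public_key, m1) * rsa_encrypt(public_key, m2)) % n
    rhs = rsa_encrypt(public_key, (m1 * m2) % n)
    return lhs == rhs


if __name__ == "__main__":
    pub, priv = rsa_keygen(61, 53, 17)     # n = 3233, phi = 3120, d = 2753
    c = rsa_encrypt(pub, 65)
    print("ciphertext", c, "recovered", rsa_decrypt(priv, c))
    print("factoring recovers d =", break_small_rsa(pub))
```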
Software-based threats
- viruses
- Trojan horses (Thompson, "Reflections on Trusting Trust")
- software flaws - design and implementation
Authentication I
- identification vs. authentication
- something you know
- something you have
- something about you
- passwords
- challenge/response
- tokens
- biometrics
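A challenge/response exchange, added here as a worked example (not part of the course page), showing both sides' messages: the verifier sends a fresh random nonce, the claimant answers with an HMAC of that nonce under the shared secret, and the verifier retires the nonce so a captured (challenge, response) pair cannot be replayed. The shared secret and the Verifier/compute_response names are constructed for this example.

```python
import hashlib
import hmac
import secrets

# Shared secret established out of band; constructed for this example only.
SHARED_SECRET = b"correct horse battery staple"


def compute_response(secret: bytes, challenge: bytes) -> bytes:
    """Claimant side: prove knowledge of the secret by keying an HMAC over the
    verifier's challenge. The secret itself never crosses the wire, unlike a
    plain password that is sent and can be sniffed and replayed."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class Verifier:
    """Verifier (server) side of the exchange."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._outstanding = set()   # challenges issued but not yet answered

    def issue_challenge(self) -> bytes:
        """Message 1 (verifier -> claimant): a fresh 128-bit random nonce."""
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, challenge: bytes, response: bytes) -> bool:
        """Message 2 (claimant -> verifier): check the response and retire the
        challenge, so the same (challenge, response) pair is never accepted twice."""
        if challenge not in self._outstanding:
            return False                        # unknown, expired or already used
        self._outstanding.discard(challenge)    # single use
        expected = compute_response(self._secret, challenge)
        return hmac.compare_digest(expected, response)   # constant-time compare


def run_exchange(verifier: Verifier, claimant_secret: bytes):
    """Drive one complete exchange; returns (challenge, response, accepted)."""
    challenge = verifier.issue_challenge()
    response = compute_response(claimant_secret, challenge)
    return challenge, response, verifier.verify(challenge, response)
```

Caveat worth noting in the passwords discussion: an eavesdropper who records a (challenge, response) pair can still test candidate secrets offline, so this scheme is only as strong as the entropy of the shared secret. That is the argument for hardware tokens holding a random key, or for a password-authenticated key exchange when the secret is a human-chosen password.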
Information flow in multi-level systems
- military classification system
- information flow analysis
- Bell-LaPadula model
- covert channels
- Biba integrity model
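The Bell-LaPadula and Biba rules on a small label lattice, as an added worked example (not taken from the course page). Labels combine a hierarchical level with a set of compartments; the level names and compartments are constructed for the example. The point the code makes concrete is that Biba is the exact dual of BLP: swapping the direction of "dominates" in each rule turns a confidentiality policy into an integrity policy.

```python
from dataclasses import dataclass

# Hierarchical levels (a total order) combined with compartment sets
# (need-to-know categories) give the usual military label lattice.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        """self >= other in the lattice: level at least as high AND category
        set a superset. Labels with incomparable compartments are neither
        above nor below each other (a partial, not total, order)."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


# Bell-LaPadula (confidentiality): information may only flow upward.
def blp_can_read(subject: Label, obj: Label) -> bool:
    """Simple security property: no read up."""
    return subject.dominates(obj)


def blp_can_write(subject: Label, obj: Label) -> bool:
    """*-property: no write down. This is what stops a Trojan horse running
    at SECRET from copying what it read into an UNCLASSIFIED file."""
    return obj.dominates(subject)


# Biba (integrity): the dual of BLP, information may only flow downward.
def biba_can_read(subject: Label, obj: Label) -> bool:
    """Simple integrity property: no read down (don't consume lower-integrity data)."""
    return obj.dominates(subject)


def biba_can_write(subject: Label, obj: Label) -> bool:
    """Integrity *-property: no write up (don't contaminate higher-integrity data)."""
    return subject.dominates(obj)


def blp_information_can_flow(src: Label, dst: Label) -> bool:
    """Under BLP, data can move from object src to object dst only if some
    subject may read src and write dst, i.e. src <= S <= dst for some S.
    That holds exactly when dst dominates src."""
    return dst.dominates(src)
```

Note what the model does not cover: a process confined by these rules can still modulate a shared resource (disk usage, CPU timing) that a low subject can observe, which is the covert channel problem listed above; access-control checks on named objects do not see those flows.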
Operating system security
- general approaches
- user authentication
- access controls
- intrusion detection (COAST Intrusion Detection pages)
- "Orange Book" (TCSEC) criteria
- case studies
Network security
- threats
- encryption in networks
- message authentication
- network topology - partitioning and trust diagrams
- assurance and trust domains - hierarchical and disjoint
- firewalls
- multi-level secure networks
Intrusion detection and analysis
- history and evolution of intrusion detection technology
- IDS - NIDS and HIDS
- anomaly detection vs signature matching
- demonstration of analysis of Linux intrusions
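The signature-versus-anomaly contrast above, as an added example (not the course's own demonstration): both detectors run over a short, constructed auth.log excerpt in which a password-guessing burst from one address ends in a successful root login. The signatures, threshold and the log lines are all made up for the example.

```python
import re
from collections import Counter

# Constructed auth.log excerpt (not real data): a password-guessing burst
# from 203.0.113.7 that ends in a successful root login, plus normal activity.
SAMPLE_AUTH_LOG = """\
Mar  3 10:01:02 host sshd[1201]: Accepted publickey for alice from 10.0.0.5 port 51234 ssh2
Mar  3 10:01:40 host sshd[1205]: Failed password for bob from 10.0.0.6 port 51300 ssh2
Mar  3 10:01:45 host sshd[1206]: Accepted password for bob from 10.0.0.6 port 51301 ssh2
Mar  3 10:02:10 host sshd[1210]: Failed password for root from 203.0.113.7 port 40001 ssh2
Mar  3 10:02:11 host sshd[1211]: Failed password for invalid user admin from 203.0.113.7 port 40002 ssh2
Mar  3 10:02:12 host sshd[1212]: Failed password for invalid user oracle from 203.0.113.7 port 40003 ssh2
Mar  3 10:02:13 host sshd[1213]: Failed password for root from 203.0.113.7 port 40004 ssh2
Mar  3 10:02:14 host sshd[1214]: Failed password for root from 203.0.113.7 port 40005 ssh2
Mar  3 10:02:15 host sshd[1215]: Accepted password for root from 203.0.113.7 port 40006 ssh2
Mar  3 10:03:00 host sudo:      bob : TTY=pts/0 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/bash
"""

# Signature matching: fixed patterns for events known to be bad. Precise and
# cheap, but blind to anything nobody has written a pattern for yet.
SIGNATURES = [
    ("root password login",
     re.compile(r"sshd\[\d+\]: Accepted password for root from (?P<src>\S+)")),
    ("sudo to interactive root shell",
     re.compile(r"sudo:\s+(?P<user>\S+) : .*USER=root ; COMMAND=(?P<cmd>/bin/(?:ba)?sh)$")),
]

FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+)")


def signature_matches(log_text: str):
    """Return (signature name, line) for every line that matches a signature."""
    hits = []
    for line in log_text.splitlines():
        for name, pattern in SIGNATURES:
            if pattern.search(line):
                hits.append((name, line))
    return hits


def anomalous_sources(log_text: str, threshold: int = 3):
    """Anomaly detection: count failed logins per source address and flag the
    sources above a threshold. No knowledge of the specific attack is needed,
    but the threshold is the false-positive/false-negative dial: too low and
    bob's one typo is an alert, too high and a slow guesser is missed."""
    failures = Counter()
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            failures[m.group("src")] += 1
    return {src: n for src, n in failures.items() if n > threshold}


if __name__ == "__main__":
    for name, line in signature_matches(SAMPLE_AUTH_LOG):
        print("SIGNATURE", name, "->", line)
    for src, n in anomalous_sources(SAMPLE_AUTH_LOG).items():
        print("ANOMALY", src, "failed logins:", n)
```

Run on the sample, the signatures fire on the root password login and on bob's sudo shell, while the failure counter flags 203.0.113.7 without any rule naming it; in a real analysis the two results would be correlated (the flagged source is the one that then logged in as root), which is the part neither detector does by itself.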
Legal issues
- criminal laws related to computer security (Federal and CA state)
- civil liability
- USA PATRIOT Act
- crypto export
Other topics
- current events in computer security