cse 331 introduction to networks and security n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
CSE 331: Introduction to Networks and Security PowerPoint Presentation
Download Presentation
CSE 331: Introduction to Networks and Security

Loading in 2 Seconds...

play fullscreen
1 / 31

CSE 331: Introduction to Networks and Security - PowerPoint PPT Presentation


  • 116 Views
  • Uploaded on

CSE 331: Introduction to Networks and Security. Slide Set 1. Fall 2001 Instructor: Carl A. Gunter. Personnel. Carl A. Gunter - Lecturer http://www.cis.upenn.edu/~gunter Office hour: 3:30 to 4:30 in 370 Moore GRW. Marc Corliss mcorliss@cis.upenn.edu www.cis.upenn.edu/~mcorliss

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'CSE 331: Introduction to Networks and Security' - komala


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
cse 331 introduction to networks and security

CSE 331: Introduction to Networks and Security

Slide Set 1

Fall 2001

Instructor: Carl A. Gunter

CSE 331

personnel
Personnel
  • Carl A. Gunter - Lecturer
    • http://www.cis.upenn.edu/~gunter
    • Office hour: 3:30 to 4:30 in 370 Moore GRW.
  • Marc Corliss
    • mcorliss@cis.upenn.edu
    • www.cis.upenn.edu/~mcorliss
    • Office hours: 1-2 Tuesday, 4-5 Thursday, location TBD.
  • Class web page
    • http://www.cis.upenn.edu/~cse331
course pre requisites
Course Pre-Requisites
  • You would like to understand network and security fundamentals.
  • You have knowledge of Java programming. You like programming and want to know how to build secure networked systems.
  • You did not take TCOM 500 and you are not registered for it now.
  • If you complete TCOM 500, I look forward to seeing you in CIS/TCOM 551 this spring.
assessment
Assessment
  • Meet the Prof.
  • Exams.
  • Projects.
meet the prof requirement
Meet The Prof Requirement
  • You must come and see the professor during at least one of his office hours before the second exam.
  • What to talk about: describe a computer-related project you did, are doing now, or plan to do.
  • How long? About 10-20 minutes.
exams
Exams
  • Two in-class midterm exams.
    • Wednesday October 10 from 11:00 to 11:50.
    • Wednesday November 7 from 11:00 to 11:50
  • A 120 minute final exam.
    • As determined by registrar.
projects
Projects
  • Assorted programming and essay projects.
    • Early project: packet analysis.
  • Some projects will allow teams.
  • Important rule: team members cannot be “reused”.
  • It will be wise to know your classmates!
make up lecture
Make-Up Lecture
  • There will be an extra lecture on Wednesday, December 12. Material in this lecture will not be covered by exams or projects.
recommended reading
Recommended Reading
  • Computer Networks, A Systems Approach. Second Edition. Larry L. Peterson and Bruce S. Davie. Morgan Kaufmann 2000.
  • Handbook of Applied Cryptography. Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. CRC 1997.
  • Secure Electronic Commerce. Warwick Ford and Michael S. Baum. Prentice Hall 1996.
  • Network Security Essentials: Applications and Standards. William Stallings. Prentice Hall 2000.
reading for fun and profit
Reading for Fun and Profit
  • Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage. Clifford Stoll. Pocket Books 2000.
  • Crypto : How the Code Rebels Beat the Government -- Saving Privacy in the Digital Age. Steven Levy. Viking Press 2001.
  • Cryptonomicon. Neal Stephenson. Harperperennial Library 2000.
history of cryptology
History of Cryptology
  • The Codebreakers; The Comprehensive History of Secret Communication from Ancient Times to the Internet. David Kahn. Scribner 1996.
  • The Code Book : The Science of Secrecy from Ancient Egypt to Quantum Cryptography. Simon Singh. Anchor Books 2000.
what is a network
What is a Network?
  • Dictionary definition: A group or system of electric components and connecting circuitry designed to function in a specific manner.
the four major networks
The Four Major Networks
  • Telephone
  • Television
  • Radio
  • Internet
computer networks
Computer networks
  • Computer networks are built mainly from general-purpose programmable hardware.
  • They support an extensible class of applications.
  • We will focus on networks consisting of
    • hosts, which provide programmability,
    • physical networks, which support direct communication, and
    • network elements, which support communication between networks
applications
Applications
  • Electronic mail
  • File transfer and remote terminals
  • World-wide web (WWW)
  • Telephony (IP and POTS)
  • Document facsimile (FAX)
  • Network video (NV)
what is security
What Is Security?
  • Dictionary definition: protection or defense against attack, interference, espionage, etc.
goals of security

DATA

DATA

Confidentiality

DATA

Integrity

Availability

Goals of Security
access matrix
Access Matrix

Principals

R R/W 0 R

R/W 0 R R

R 0 0 R/W

0 R R/W R/W

A B C D

Fred

Joe

Bow-Yaw

Sarah

Objects

denial of service
Denial of Service

Principals

0

R R/W 0 R

R/W 0 R R

R 0 0 R/W

0 R R/W R/W

A B C D

Fred

Joe

Bow-Yaw

Sarah

Objects

breach of confidentiality
Breach of Confidentiality

Principals

R

R R/W 0 R

R/W 0 R R

R 0 0 R/W

0 R R/W R/W

A B C D

Fred

Joe

Bow-Yaw

Sarah

Objects

breach of integrity
Breach of Integrity

Principals

W

R R/W 0 R

R/W 0 R R

R 0 0 R/W

0 R R/W R/W

A B C D

Fred

Joe

Bow-Yaw

Sarah

Objects

overlapping goals

Availability

Difficulty of

use and poor

performance

Loss of

Confidence

Integrity

Confidentiality

Ability to Corrupt

Overlapping Goals
networks and security
Networks and Security
  • Early views of computer security were mainly motivated by time sharing.
    • Protect a user’s files and processes.
  • Security concerns extended to electronic commerce with EDI (Electronic Data Interchange) over VANs (Value Added Networks).
    • Proper transaction processing.
  • Concerns are now focused on security over the public Internet and wireless devices.
internet security concerns
Internet Security Concerns
  • Confidentiality of transmitted data, such as passwords and credit card numbers.
  • Integrity of network information, such as routing tables and DNS bindings.
  • Authentication of users who have contact only via the Internet.
  • Thwarting Denial of Service (DoS) attacks.
  • Aiding security of host systems using firewalls, etc.
aim of this course
Aim of This Course
  • Teach networking basics, mainly as they are relevant to security. (Reduced emphasis on performance.)
  • Teach security basics, mainly as they apply to the Internet.