Summer
2005

Security Engineering
(half-course, 4VL + 2 PR)

VL:   Mon,  1PM-3PM, RUD 26, 1.303,  Dr. Wolf Müller
 Wed,    1PM-3PM, RUD 26, 1.303,  Dr. Wolf Müller
PR:  Wed,11AM-1PM,  RUD 26, 1.303,  Dipl-Inf. A. Zubow


Computer Science Department
Systems Architecture Group

 
 
Abstract: As a user of the Internet, you are fortunate to be tied into the world's greatest communication and information exchange - but not without a price. As a result of this connection, your computer, your organization's network, and everywhere the network reaches are all vulnerable to potentially disastrous infiltration by hackers. [W. Cheswick. Firewalls and Internet Security]
 
Synopsis:
  • Half-Course, Praktische Informatik, Hauptstudium.
  • Offered regularly, at least once every two years, usually in spring.
  • 2 lectures per week, 2h each, over one semester (4SWS VL).
  • 1 lab (Praktikum) per week, 2h each, over one semester (2SWS PR).

Credits:

  • There will be a few, short, unannounced, closed-book quizzes to verify your existence and to test your understanding. These will be worth 40 percent of the final grade.
  • An announced final examination will be given at he end of the semester. It will cover all of the relevant readings and material presented and discussed in class. It will be worth 60 percent of the course grade.
  • To qualify for the final examination, you have to complete all lab assignments to the satisfaction of the teaching assistant (70% = 38.5 points).
  • Regular class attendance is expected; frequent absences are grounds for a failing grade regardless of other performance. You may be missing for up to 1 lecture per semester without prior and reasonable excuse. 'prior' means notification by email before the end of business the day before the lecture. 'reasonable' means sickness or study-related events that require your attendance.
  • Lectures begin on time. Students arriving more than 10 minutes late will not be admitted to the lecture and will be counted as 'missing' that day.

Prerequisites:

  • Successful completion of PI-1.
  • Decent Java programming skills.
  • At least one semester attendance of  'Development Tools and System Administration in Unix'.

Slides: (pdf)

Demonstrations: (please use with care and conform to CBO)

Syllabus:

  • What is Security Engineering?  How to think about security?
  • Principles and problems
    • Authentication
    • Authorization
    • Access Control
    • Integrity
    • Privacy
  • Solutions
  • Attack types (overview)
    • Man in the middle
    • Social engineering
    • ...
  • Case Studies
    • Access Control in UNIX
    • Access Control in Windows 2000/XP
    • Denial of service attack in internet
    • VISA-Card / Banking Cards
    • Internet Banking
    • Secure Electronic Documents (Acrobat/PDF)
    • Secure Printing and Seals
    • Copyright and Privacy Protection, Digital Rights Management (DRM)
  • Advanced problems and solutions
    • Emission Security
    • Security in Distributed Systems
    • Multilateral Security
    • Multilevel Security
    • Electronic and Information Warfare
    • Telecom System Security
  • Quantum Cryptography (optional if time left)

 

Syllabus - Lab (Practicum, 70% = 38.5 points required):

Topics - Lab (PowerStudents):

  • Identity Server:
    - Installation of a Liberty Alliance conform server
    - Documentation of the installation procedure
    - Overview about standard, design and functionality
  • Programming / Installation of a Client Liberty Alliance conform client
    - Goal online authorization, access control using LA
    - example: HTTP service, or login to a laptop
    - Documentation
  • Offline mechanisms for authorization and access control
    - Focus: ticket based methods
    - How to prevent reuse /replay attacks?
    - Overview about assumptions, solutions, existing works and procedures.
1.

Suggested Readings (Books):

  • Claudia Eckert. IT-Sicherheit
  • Ross Anderson. Security Engineering: A Guide to Building Dependable Distributed Systems.
  • Bruce Schneier. Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition.
 Links
Cambridge
Ross Anderson's home page
Bruce Schneier
home page
Safe Personal Computing (DE)
NIH
Computer Security Information
NIST
Computer Security Resource Center
NIST
Federal Information Processing Standards Publications (FIPS)

CERT
 
cert.org
BSI
Bundesamt für Sicherheit in der Informations-technik
Biometrics
The Biometric Consortium
Overview (german)
OS specific
Windows-Security
Linux-Security
e-Learning
CrypTool (de)


 


Legal disclaimer. .  © 2023 Humboldt-Universität zu Berlin, Computer Science Department, Systems Architecture Group.Contact: sar@informatik.hu-berlin.de .