CS3690: Network Security

Summer Quarter, 2001
Cynthia Irvine



Cynthia Irvine
Office: Sp 528a
Phone: x2461
E-mail:  irvine@cs.nps.navy.mil

Where and When

Lectures: Sp 221 -- 1000-1100, M,T, W, Th
Lab: Sp 506 or Sp 221  -- 1000 Th

Course Objectives:

This course covers a broad range of topics in security for networked and internetworked computer systems. It examines security and integrity objectives in terms of high level policy and presents security services used to address those requirements. Selection and management of cryptographic algorithms and keys to achieve to achieve network security objectives is addressed. Network security architectures are examined in terms of systems able to insure that critical security functions are protected from unauthorized modification, correct, and always invoked. Access control in networked systems is examined. Case studies will be made of selected past and current multilevel security architectures in DoD. Additional topics will include security peripherals for cryptography and authentication; the cascade problem; guards; and filters

Course activities

Lectures, readings, homework, security project, three one-hour exams.

Text and Readings:
The required textbook is

Network Security Essentials, by William Stallings, Prentice-Hall, 2000.

 Other books covering network security and can provide you with an alternate perspective on the subject. They are not required. One is a text, while the other is best used for reference.

Selected papers and documents will be readings pertinent to an area of particular interest.

1.Don Davis, Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM, PGP, and XML

2.M. Burrows, M. Abadi, and R. Needham, A Logic of Authentication, Proc. R. Soc. Lond. A 426(1989) pp. 233-271. Also SRC Research Report 39, Digital Equipment Corp.

3.Butler Lampson, Martin Abadi, Michael Burrows, Edward Wobber, Authentication in Distributed Systems: Theory and Practice, ACM Transactions on Computer Systems, 12(1):3-32, February 1994.Also SRC Research Report 83, Digital Equipment Corp.

Grading components

Project - individual contribution
Project - group accomplishment and report
Class participation and demonstration of insight
Quizzes - 2 equally weighted

The first exam will be given during the sixth week of class and the second exam will be given during the last lab period

Prerequisites and Course Difficulty
A prerequisite for this course is Introduction to Computer Security, CS3600. New mathematics will be introduced during part of this course that will depend on a comfort using algebra. Since the project will entail designing, implementing, and or installing components, you are expected to be able to use computers. In some cases, programming experience may be helpful.

Homework and Labs
There will be both traditional homework assignments and laboratory-based project. The PKI Laboratory, which was generously provided and supported through the ASD C4I and the PKI PMO, will be used at the launch point for our laboratory activities.

Scheduling Note

My time is being pulled in many directions by transitions taking place at NPS. I will be traveling quite a bit. During those travel days, you will be expected to concentrate on difficult reading assignments and work on your laboratory activities. I plan to lecture during lab periods when I am here. It is my objective to make this class as rewarding as possible for you both in terms of learning some of the foundational material that helps us believe that we are doing the right thing when we design a secure network architecture and through the implementation of an aspect of network security.

Last Modified:  4 July 2001