This course emphasizes the need for security and the issues of privacy, confidentiality, integrity and reliability of computer systems vis-à-vis the vulnerabilities and threats to computing system resources: hardware, software, information, communication networks, distributed systems, and databases. Principles of designing, implementing and administering secure systems incorporating multilevel security strategies, secrecy/cryptography algorithms, authentication, non-repudiation, digital signatures, Internet/intranet firewalls, OS security aspects, object-oriented access control, PVNs are covered in sufficient detail.
Describe efficient basic number-theoretic algorithms, including greatest common divisor, multiplicative inverse mod n, and raising to powers mod n.
Describe at least one public-key cryptosystem, including a necessary complexity-theoretic assumption for its security.
Create simple extensions of cryptographic protocols, using known protocols and cryptographic primitives.
Discuss the fundamental ideas of public-key cryptography.
Describe how public-key cryptography works.
Distinguish between the use of private- and public-key algorithms.
Summarize common authentication protocols.
Generate and distribute a PGP key pair and use the PGP package to send an encrypted e-mail message.
Summarize the capabilities and limitations of the means of cryptography that are conveniently available to the general public.
Outline the technical basis of viruses and denial-of-service attacks.
Enumerate techniques to combat “cracker” attacks.
Discuss several different “cracker” approaches and motivations.
Identify the professional’s role in security and the tradeoffs involved.
Defend the need for protection and security, and the role of ethical considerations in computer use.