Faculty of Informatics
ITCS922
Computer Security Subject Outline
Autumn Session 2007
Head of
School –Professor Philip Ogunbona, Student Resource Centre, Tel: (02) 4221 3606
|
Dr Luke
McAven |
|
|
Telephone
Number: |
4221 4879 |
|
Email: |
|
|
Location: |
39.213 |
Dr McAven’s Consultation
Times During Session
|
Day |
Time |
|
Tuesday Friday |
10:30-12:30 13:30-15:30 |
Subject
Organisation
|
Session: |
Autumn
Session, |
||||||||||||||||
|
Credit
Points |
6 |
||||||||||||||||
|
Contact
hours per week: |
3 hours
lectures, 1 hour lecture/tutorial |
||||||||||||||||
|
Lecture
Times & Location: |
|
||||||||||||||||
|
Tutorial
Day, Time and Location can be found at: |
|
||||||||||||||||
|
Week
# |
Week
starts: |
Lecture
Topic |
Assessment |
|
One |
February 26 |
Introduction,
classical cryptography. |
A1 out. |
|
Two |
March 5 |
Secret-key
cryptography, modern secret-key cryptography. |
|
|
Three |
March 12 |
Modern secret-key
cryptography, block ciphers. |
|
|
Four |
March 19 |
Block ciphers, modes,
AES, stream ciphers, message integrity. |
A1 due. A2 out |
|
Five |
March 26 |
Public key
cryptography. |
|
|
Six |
April 2 |
Public key
cryptography, digital signatures. |
|
|
Recess |
April 9 |
|
A2 due. A3 out. |
|
Seven |
April 16 |
Digital signatures,
hashing. |
|
|
Eight |
April 23 |
Key management, public
key infrastructures |
|
|
Nine |
April 30 |
Identification
protocols, E-mail security. |
A3 due. A4 out. |
|
Ten |
May 7 |
Secure E-payment,
E-commerce. |
|
|
Eleven |
May 14 |
Secret sharing,
E-voting. |
|
|
Twelve |
May 21 |
Fair exchange, privacy
preserving systems |
|
|
Thirteen |
May 28 |
Revision |
A4 due. |
Students
should check the subject’s web site regularly as important information,
including details of unavoidable changes in assessment requirements will be
posted from time to time. Any
information posted to the web site is deemed to have been notified to all
students.
ITCS922 develops the knowledge and skills necessary to identify
the security problems that may occur in a distributed computer environment, and
then to devise means for countering the threats. Covers: Identification:
passwords, challenge-response protocols. Private Key Cryptography: classical
ciphers, Feistel cryptosystems. Public Key Cryptography: RSA, Merkle-Hellman,
El-Gamal, Elliptic-Curve cryptosystems. Hashing: Birthday paradox, serial and
parallel hashing, MD family, keyed hashing. Digital Signatures: generic, RSA,
El-Gamal, blind, undeniable, fail-stop. Key Establishment Protocols: classical
key transport, DH agreement, Kerberos, SPX, STS protocol, BAN logic. Access
Control: MAC, DAC, RBAC, implementations of access control, security kernel,
Multics, UNIX, capabilities, access control lists. Network Security: IPsec,
viruses, web security, copyright protection.
A student
who successfully completes this subject should be able to:
(i) identify the threats to computing resources in a distributed
computer environment,
(ii) classify cryptographic algorithms in terms of their cryptographic
characteristics and services provided,
(iii) describe two generic key establishment protocols and explain how to
assess their performance,
(iv) categorise different access control models and their relation to access
control policies,
(v) explain how protection of information is implemented in a distributed
computer environment,
(vi) define what is the virus, worm and Trojan horse,
(vii) identify which security services can be implemented using IPsec
protocols,
(viii) describe security aspects of Web technology and their significance for
Electronic Commerce
Attendance
Requirements
It is the responsibility
of students to attend all lectures/tutorials/labs/seminars/practical work for
subjects for which you are enrolled.
It should be noted that according to Course Rule 003{Interpretation Point 2 (t)} each credit point for a single session subject has the value of about two hours per week including class attendance. Therefore, the amount of time spent on each 6 credit point subject should be at least 12 hours per week, which includes lectures/tutorials/labs etc
Satisfactory
attendance is deemed to be attendance at approximately 80%* of the
allocated contact hours. Attendance rolls may be kept for lectures, and
tutorials. If you are present for less than 80%* you need to apply for special consideration,
otherwise a fail grade may be recorded.
The subject has lectures
and a tutorial/lecture, which will generally run as a tutorial for the whole
class. Lecture materials and assignments will be available via WebCT.
Information about the
subject can be found at: http://www.itacs.uow.edu.au/current/subject_outlines/
and via WebCT.
Subject
Materials
-
Cryptography and Network Security, W. Stallings, Fourth Edition, Prentice Hall,
2006
-
Introduction to Computer Security, J. Seberry, J. Pieprzyk and T. Hardjono,
Springer-Verlag, 2003
-
Security in Computing, C. P. Pfleeger and S. L. Pfleeger, Third Edition,
Prentice Hall, 2003
-
Cryptography: Theory and Practice, D. Stinson, Second Edition, CRC Press, 2002
These readings/references are recommended only and are not intended to be an exhaustive list. Students are encouraged to use the library catalogue and databases to locate additional readings
This subject has the
following assessment components.
|
Assessment Items & Format |
Percentage
of Final Mark |
Due Date |
|
Assessment
1: |
8% |
Released
Week 1, due Week 4. |
|
Assessment
2 |
12% |
Released
Week 4, due Recess |
|
Assessment 3 |
8% |
Released Recess, due Week 9. |
|
Assessment 4 |
12% |
Released Week 9, due Week 13 |
|
Final Exam |
60% |
Examination Period |
o
The due dates are tentative. They are subject to
change.
o
Assignments are to be submitted electronically via
SUBMIT before the scheduled time. Submission via email is not acceptable.
o
Electronically submitted assignments will not be
returned to students. Students will receive their result by email.
o
Assignments may be scanned with a plagiarism
detector.
o
An extension of time for the completion of an
assignment may be granted under certain circumstances. A request for an
extension must be made to the Subject Coordinator before the due date (via SOLS and via email to the Subject
coordinator). Supporting documentation must accompany the request for
extension. The Subject Coordinator has
the right to determine whether the request will be granted or not.
o
Late
assignments without granted extension will be marked but the mark awarded will
be reduced by 25% for each day late. Assignments will not be accepted more than four days late unless special consideration
has been applied for or an extension has been granted.
(a)
Unless otherwise specified, assignments are to
be submitted electronically via SUBMIT before the scheduled time. Receipts for
submitted work are e-mailed to the student and should be kept by the student as
evidence of submission. The receipt may contain compilation messages. It is the
student's responsibility to ensure that any errors reported are corrected.
Assignments must work on the Sun Solaris machine banshee. Assignments submitted
via email will not generally be accepted.
(b)
It is the student’s responsibility to keep a
backup of his/her work. In general, an extension will not be granted due to any
circumstance related to the failure of the students’ own equipment.
Students
who copy an assignment may receive zero for that assignment. This also
covers assignments which may be the product of community effort by several
students. Working together is acceptable, but the final coding should be the
work of the individual student, as assessment is a measure of your ability. All
students involved in plagiarism will have zero marks for that assessment task.
Scaling
Final results in this subject may be scaled. The scaling method that will be used in this subject is as follows:
If
E is the student exam mark out of 60, and A is the total assignment mark out of
40, the final mark will be determined as follows:
if E >= 24 (i.e. 40%
of the exam mark): then the students final mark is E + A;
if 21 <= E < 24
(between 35% and 40%): then the students final mark is the minimum of E+A and 47;
Students must refer to the Faculty Handbook or online references which
contains a range of policies on educational issues and student matters.
Please note that if this is your last session and you are granted a supplementary exam, be aware that your results will not be processed in time to meet the graduation deadline.
Plagiarism
When you submit an assessment task, you are
declaring the following
1.
It
is your own work and you did not collaborate with or copy from others.
2.
You
have read and understand your responsibilities under the
3.
You
have not plagiarised from published work (including the internet). Where you
have used the work from others, you have referenced it in the text and provided
a reference list at the end ot the assignment.
4.
Plagiarism
will not be tolerated.
5.
Students
are responsible for submitting original work for assessment, without
plagiarising or cheating, abiding by the University’s policies on Plagiarism as
set out in the Calendar under University Policies, and in Faculty handbooks and
subject guides. Plagiarism has led to the expulsion from the University.
This outline should be read in conjunction with the following documents:
|
Code of Practice
- Teaching and Assessment http://www.uow.edu.au/handbook/codesofprac/teaching_code.html |
Key Dates |
|
Code of
Practice - Students http://www.uow.edu.au/handbook/codesofprac/cop_students.html |
Information
Literacies Introduction Program |
|
Acknowledgement
Practice Plagiarism will not be
tolerated |
Student
Academic Grievance Policy http://www.uow.edu.au/handbook/codesofprac/cop_supervision.html#8 |
|
Special
Consideration Policy http://www.uow.edu.au/handbook/courserules/specialconsideration.html |
Code of
Practice-Honours |
|
Non-Discriminatory
Language Practice and Presentation |
Intellectual
Property Policy http://www.uow.edu.au/research/researchmanagement/1998IP.html |
|
Occupational Health and Safety http://staff.uow.edu.au/ohs/commitment/OHS039-ohspolicy.pdf |
SCSSE
Internet Access & Student Resource Centre http://www.sitacs.uow.edu.au/info/current/internet_access_and_resource.shtml |
|
SCSSE
Computer Usage Rules http://www.itacs.uow.edu.au/info/current/support/labs/rules.shtml |
SCSSE Style
Guide for Footnotes, Documentation, Essay and Report Writing |
|
SCSSE
Student Guide |
Informatics
Faculty Librarian, Ms
Annette Meldrum, phone: 4221 4637,ameldrum@uow.edu.au |
|
SCSSE
Subject Outlines |
|