Bachelor in Networking / Computing

A350CT Systems Security

Study Guide & PowerPoint Slides

Contents
Page Modules Aims Intended Module Learning Outcomes Textbooks and Recommended Reading Materials Lesson Plan Assessment Guidelines Pass Requirements Assignment Submission Requirements Examinations Grading Criteria Plagiarism Warning iii iii iii iv-vi vi vi vi-vii vii viii viii

ii

Modules Aims
This module aims to give students both a theoretical and a practical understanding of the basic foundations and technologies of network and systems security, which include but are not limited to various cryptographic techniques and their applications in network security, web security, operating systems security, database security. Intended Module Learning Outcome On completion of this module, the student should be able to : 1. Design, implement, evaluate and maintain efficient security systems for the protection of valuable digital assets 2. Assess possible security threats and evaluate suitable countermeasures for networked systems 3. Be able to discuss approaches to cryptography such as secret-key cryptography, public-key cryptography, digital signatures, digital certificates and authentications. 4. Be able to discuss advances in cryptographic methods

Textbooks and Recommended Reading materials

Prescribed Text
Network Security Essentials: Applications and Standards, William Stallings, 4/E, Prentice Hall

Recommended Reading Gollmann D (2006), Computer Security , 3rd Ed, Wiley Pfleger CP (2004), Security in Computing , 2nd Ed, Prentice Hall Galbreath N (2002), Cryptography for Internet and Database Applications: Developing Secret and Public-Key Techniques with Java, Wiley Anderson R (2001), Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley Simmons G J (1992), Contemporary Cryptology: The Science of Information Integrity, IEEE Press D R Stinson (2005), Cryptography: Theory and Practice, 3rd Edition, CRC

iii

Lesson Plan
Session Topic Reading 1 & 2 Topic 1: Introduction to systems security and Chapter 1 Access Control Learning objectives Acess Control User groups Role based access control Intrution detection

Learning outcome

The study of introduction to systems security and access control enables to apply the knowledge from RBAC. Topic 2: Internet Authentication Applications Chapter 2
Learning objectives

Identification and authentication Kerboros) Password management

Learning outcome

(including

The study of internet authentication to understand the concepts of password and authentication. Chapter 3 Topic 3: Cryptographic Tool
Learning objectives

Secret-key cryptography Data Encryption Standard (DES) Advanced Encryption Standard (AES)
Learning outcome

The study of cryptographic tools enables to apply various methods of cryptographic techniques. Topic 4: Public-Key Cryptography and Message Chapter 4 Authentication
Learning objectives

Public-key cryptography: Rivest-Shamir-Adleman (RSA) Digital Signature Standard (DSS)/Digital Signature Algorithm (DSA)

iv

Learning outcome

The study of public-key cryptography enables to apply the various public-key cryptography techniques. Topic 5: Internet Security Protocols and Standards Chapter 5
Learning objectives

Kerberos private-key authentication service X.509 public-key directory authentication Public-key infrastructure (PKI)
Learning outcome

The study of internet security protocols applies to realtime application to identfy the internet transactions. Topic 6: Database Security Chapter 6
Learning objectives

Datanase Access control SQL techniques

Learning outcome

The study of database security enables to understand the structure of database security levels and access rules. Topic 7: Malicious software Chapter 7
Learning objectives

Introduced types of malicious software Virus tyeps and countermeasures Worm types and countermeasure Bots

Learning outcome

The study of malicious software evaluate and use tools and techniques to successfully manage a network. . 8
Topic 8: Firewalls and Intrusion Prevention Systems Learning objectives

Chapter 8

Introduced need for & purpose of firewalls Types of firewalls -- Packet filter, stateful inspection, application and circuit gateways

Learning outcome

The study of firewall and IDS enable to critically review a network security management. Topic 9: Network Security Chapter 9 -- Electronic Mail Security: Pretty Good Privacy (PGP), S/MIME ; Web Security: IPSec, Secure -- Socket Layer (SSL), Transport Layer Security (TLS), Secure Electronic Transaction (SET).
-- Network Management Security Systems

Revision Examination Assessment Submission Date : Last week of the term Assignment : Submission on session 10 Examination : Session 11

10 11

Assessment Guidelines
Method of assessment Assessment Coursework: Consists of two small projects, one on systems security and one on cryptogrphy, each with equal marks. Examination Total Weighting 30% Learning Outcomes 1 2 3 4 Y Y

70% 100%

Pass Requirements The module pass mark is 40% with all assessment components passed. All assignments and the examination are compulsory. For you to pass the course, the total of your results for all the assessment components must show a satisfactory level of achievements. Final mark allocation will be confirmed by the Examination Board and will not be open to appeal. Assignment Submission Requirements 1. Write your name and student ID clearly on the acknowledgement form as well as the mark sheet. 2. Your assignment should be type-written. Assignment to be stapled. 3. 1 line spacing with font size 12 using Times New Roman vi

4. Include contents page. Page numbers at every page 5. Include a Reference Page at the end of your assignment and reference within the text according to Harvard style of referencing. (See http://home.ched.coventry.ac.uk/caw/harvard/index.htm) 6. All written coursework must be submitted to turnitin.com for plagiarism check. Please note that for engineering students plagiarism results must be less than 10%. Any thing greater than this stipulated percentage will warrant an immediate failure. The assignment must have significant amount of original work and text. 7. Submit your assignment form with the AIM acknowledgement form filled up and submit together with the written coursework and drop into the submission drop-box located at Level 1. 8. CD containing the assignment softcopy in Microsoft Word format is to be attached. 9. Students are required to submit their assignment on the due date given; otherwise it may pilot to a mark deduction of 5% of the total marks for each day the assignment is late (including Saturday and Sunday). This applies for a maximum of three (3) days, after which the assignment will not be accepted.

Examination
Students are NOT allowed to sit for examination if their attendance fall below 80% (absent without valid reason for more than 2 sessions). They have to repeat this module with later intakes and pay repeat fee (inclusive of prevailing GST). Weightage 70 % Exam Date Exam Duration Other instructions Week 11 3 Hours Close Book Exam

If you are absent on this date, you will obtain a Fail grade unless you have provided documentary proof to your Programme Manager within 24 hours before and after the assessment date. Please refer to your Student Handbook for details of examination policy.

vii

Grading Criteria
Bachelor (Honours) Marks Range 70% and above 60%- 69% 50%- 59% 40%- 49% Below 40% Honours Classification 1st Class 2nd Class Upper 2nd Class Lower 3rd Class Unclassified

Plagiarism Warning
All students share the responsibility for upholding the academic standards and reputation of the University. Academic honesty is a prerequisite condition in the pursuit and acquisition of knowledge. Academic dishonesty is any misrepresentation with the intent to deceive or failure to acknowledge the source or falsification of information or inaccuracy of statements or cheating at examinations/tests or inappropriate use of resources. There are many forms of academic dishonesty and plagiarism is one of them. Plagiarism is generally defined as the practice of taking someone elses work or ideas and passing them off as ones own (The New Oxford Dictionary of English).

The University takes a serious view of plagiarism. Any student found to have committed or aided and abetted the offence of plagiarism may be subject to disciplinary actions.

viii