MIC1001 | Security Protocols in Communications |
Teaching Staff in Charge |
Lect. BUFNEA Darius Vasile, Ph.D., bufnycs.ubbcluj.ro |
Aims |
The course intended to reveal to students the main security issues and also the associated vulnerabilities presented at different levels of the TCP/IP stack. Also, the course wish to train the student in best practices regarding Internet communication, both from the Internet user and software developer perspective. |
Content |
This class focuses at different security aspects regarding each of TCP/IP stack’s layers, covering security protocols, but also presetting main vulnerabilities present at data link, network, transport and application layers. The main topics covered in this class are:
- Protocols, mechanisms and security algorithms inside the TCP/IP stack, regarding the data link, network, transport and application layers; - Electronic signatures and security infrastructures; - Protocols encapsulations, tunneling and Virtual Private Networks; - Authentication frameworks: Kerberos; - Smartcards and biometrics; - Banking system security. Electronic payments over the Internet; - Desktop security: antivirus system, antispyware and firewall system; - Audit tools and mechanisms for testing networks security; - Ethics and legal aspects regarding Internet crime; - User privacy. |
References |
1. V. V. Patriciu, M. Ene-Pietrosanu, C. Vaduva, I. Bica, N. Voicu, Securitatea Comertului Electronic, Editura ALL;
2. V. V. Patriciu, M. Ene-Pietrosanu, I. Bica, J. Priescu, Semnaturi Electronice si Securitate Informatica, Editura ALL, 2006; 3. V. V. Patriciu, I. Vasiu, S. G. Patriciu, Internet-ul si dreptul, Editura ALL BECK, Bucuresti, 1999; 4. W. Stalling, Cryptography and Network Security, Prentice Hall, 1999; 5. B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, Wiley Professional Computing, 2 edition (October 19, 1995); 6. Kerberos: The Network Authentication Protocol, http://web.mit.edu/Kerberos/; 7. Netfilter/iptables project, http://www.netfilter.org 8. F. Cohen, A Short Course on Computer Viruses, Wiley Professional Computing, 2 edition, April 1994; 9. Top 100 Network Security Tools, http://sectools.org; 10. Mostafa Hashem, Protocols for Secure Electronic Commerce, CRC Press, 2004. |
Assessment |
Requirements and evaluation methods:
- 15% from the final mark: communications between the students and the lab teacher using secure PGP based mail messages; - 45% from the final mark: paper and project assignment developed by the student during the semester on a security topic; - 40% from the final mark: the mark of the exam at the end of the semester. Observations: In order to successfully pass this class, the following two conditions have to satisfied: - The paper and project must be evaluated with a mark greater or equal to five; - The mark of the exam at the end of the semester must be at least five. |
Links: | Syllabus for all subjects Romanian version for this subject Rtf format for this subject |