Number and Title of Course: CS459/559 - Network Security

http://csc.ColumbusState.edu/summers/NOTES/CS559/

Instructor(s): Dr. Wayne Summers
Office: SCA204 Office phone: (505) 454-3230
Department phone: (505) 454-3295
Office Hours: MW 3:30-4:20 p.m. MST; TR 1-1:50 p.m. MST; via e-mail, net-meetings during class time and by appointment.
e-mail address: summers_wayne@ColumbusState.edu
homepage:http://csc.ColumbusState.edu/summers

Catalog Description of Course: This course addresses security issues for TCP/IP-based and NT networks. Access Control and Communications Security issues will be covered as well as Internet and intranet security. (3 credits).

Course Prerequisite: CS457/CS557 - Computer Networks, MIS420/MIS520 - Networking in a Business Environment or permission of instructor.

Required Textbook(s): Network Security Essentials, Prentice-Hall by William Stallings, 2000, ISBN: 0-13-016093-8.

Supplementary Books and Materials

Maximum Security, 2nd Edition, SAMS Books by Anonymous, 1998, ISBN: 0-672-31341-3.
Maximum Linux Security, SAMS Books by Anonymous, 2000, ISBN: 0-672-31670-6.
The Cuckoo's Egg : Tracking a Spy Through the Maze of Computer Espionage; by Clifford Stoll; Pocket Books; ISBN 0671726889
Material from the Internet
Software and manuals found in the lab and on the Internet.

Educational Outcomes

Students will be able to identify security breaches in a computer network
Students will be able to discuss major issues concerning computer security.
Students will know how to use standard security tools to locate and fix security leaks in a computer network.
Students will have an understanding of a variety of cryptographic algorithms and protocols underlying network security applications.
Students will have an understanding of system-level security issues.

Major Topics

Security Concepts and Terminology
TCP/IP and OSI Network Security
Access Control Issues (Packet Filters, Firewalls)
Communication Security (OSI Layer Security Protocols)
Security Tools
Cryptography
System Security - Intruders and Viruses
E-mail and Web Security

Instructional Methods and Techniques

The class will "meet" the equivalent of two one-hour & fifteen minutes for lecture/discussion each week.
The lectures and discussions will be a combination of sychronous and asynchronous discussions using WebCT.
Students mut have access to the Internet to facilitate demonstrating and using software.

Assignments for Course

Readings from the textbook(s)
Outside reading from popular computing and information technology periodicals
Readings from documents found on the Internet
Frequent lab assignments and homework
Research paper/project

Evaluation

Midterm(s) and Final Exams over the lectures and readings.
Homework including lab assignments on material discussed in class.
Projects and/or a Term paper on a topic on computer security.

Class Attendance:Class attendance is the responsibility of the student, and it is the student's responsibility to independently cover any material s/he may miss. Class attendance and participation may also be used in determining grades. You should attend all sessions. Attendance will be taken.

Exams and Assignments: There will be one midterm exam and one comprehensive final exam. Exams cover material from the text as well as laboratory activities. The lectures may not cover all the material in the textbooks and may be supplemented by additional materials. Late assignments will be subject to up to a 25% deduction in points per day. No credit will be given for assignments that are more than one week late.

Course Evaluation (tentative): (Graduate Students will be expected to graduate quality work)

Homework = 100-200 pts.
Programming Project / Term Paper (must be approved by instructor) [additional project or paper is required for all Graduate Students]; should include a PowerPoint presentation that is suitable for posting on the Internet for discussion by the class. = 100 pts.
The students would be expected to discuss their readings weekly in the discussion group and online during the chat sessions. [100 pts]
One midterm test = 100 pts.
1 Comprehensive FINAL EXAM = 200 pts.

Grades may be determined according to this scale (tentative):

A 90% - 100% B 80% - 89%

C 70% - 79% D 60% - 69%

SCHEDULE (tentative)

	Lecture Topic	Homework
Week 1:(Jan. 8-12)	Introduction to Computer Networking and Security: Computer Crime, Security and Computer Viruses Ch.1 - Introduction	Week 1 Assignment
Week 2:(Jan. 15-19)	Introduction to Computer Networking and Security:	Week 2 Assignment
Week 3:(Jan. 22-26)	Cryptography: Ch.2 - Conventional Encryption and Message Confidentiality	Week 3 Assignment
Week 4:(Jan. 29- Feb. 2)	Cryptography: Ch.2 - Conventional Encryption and Message Confidentiality Ch.3 - Public-Key Cryptography and Message Authentication	Week 4 Assignment
Week 5:(Feb. 5 - Feb. 9)	Cryptography: Ch.3 - Public-Key Cryptography and Message Authentication	Week 5 Assignment
Week 6:(Feb. 12 - Feb. 16)	Network Security Applications: Ch. 4 - Authentication Applications	Week 6 Assignment
Week 7:(Feb. 19 - Feb. 23)	Network Security Applications: Ch.5 - Electronic Mail Security	Week 7 Assignment
Week 8:(Feb. 26 - Mar. 2)	Network Security Applications: Ch.6 - IP Security	Week 8 Assignment
Week 9:(Mar. 5 - Mar. 9)	Review MIDTERM	Week 9 Assignment
SPRING BREAK	HAVE FUN
Week 10:(Mar. 19 - Mar. 23)	Network Security Applications: Ch.7 - Web Security	Week 10 Assignment
Week 11:(Mar. 26 - Mar. 30)	Ch.8 - Network Management Security	Week 11 Assignment
Week 12:(Apr. 2 - Apr. 6)	System Security: Ch.9 - Intruders and Viruses	Week 12 Assignment
Week 13:(Apr. 9 - Apr. 13)	System Security: Ch.9 - Intruders and Viruses	Week 13 Assignment
Week 14:(Apr. 16 - Apr. 20)	System Security: Ch.10 - Firewalls	Week 14 Assignment
Week 15:(Apr. 23 - Apr. 27)	System Security: Ch.10 - Firewalls REVIEW
May 1, 2000	FINAL EXAM	Tuesday, May 1, 2001 - 2:30-5:30 p.m.