Yingjiu Li's Teaching

IS 302: Information Security and Trust

Term 2, 2007~2008

Announcements: Invited talk

Topic: The Trends in Information Security (link)

Speaker: Eddie Chau (Chairman, EC Frontier)

Time: Postponed to August, 2008

Venue: SOE/SOSS Seminar Room 5.2

FINAL EXAM

Content: 40 MCQ (20 points) and 10 SAQ (20 points)

Time: 5-7pm, April 16 (Wednesday), 2008

Venue: to be announced by registrar office

PROJECT REPORT due on April 7, Monday (hardcopy to Sharon or Yingjiu)

No class in week 14 (review week)!

Project:

Grading: 10% presentation + 15% project report
Teaming: 10 random teams in each class.
Deliverables: Each team will write a project report on their findings and deliver an oral presentation. The final report will be within 15~20 pages, using 11pt font, single column and single space format. The oral presentation will be delivered in 25 minutes followed by 5 minutes Q&A.

In both the report and the presentation, each team should:

a) Describe the background of related technologies

b) Explain how the technologies evolved, how they work and what security services or functionality they provide

c) Describe the possible business applications of the technologies

d) Describe/summarize/categorize/compare related products in the market

e) Analyze the possible impacts/benefits of deploying the technologies in one or more business sectors or markets, and provides a simple case study where appropriate.

Due times: The project outline draft (which should be within 5~10 pages) is due before or during class in week 9. The presentations will be given in weeks 12 and 13. The final report will be due on April 7, Monday in week 14.

Synopsis: This course provides both fundamental principles and technical skills for analyzing, evaluating, and developing secure systems in practice. Students will learn essentials about security models, algorithms, protocols, and mechanisms in applied cryptograph, computer networks, and access control systems. Classroom instruction will be integrated with hands-on exercises on security tools in Windows and Java language.

Text book: Security in Computing (4^th/3^rd edition) by Charles P. Pfleeger and Shari L. Pfleeger, Prentice Hall (2007/2003)

Class time and venue:

G1: Tuesday, 12~3:15pm, SISSR3.2
G3: Monday, 8:30~11:45am, SISSR3.2

Course design document: http://www.mysmu.edu/faculty/yjli/teach/2007-2008.doc

Course web sites:

http://www.mysmu.edu/faculty/yjli/teach/current.html

Professor

Yingjiu Li (yjli@smu.edu.sg)

Instructional Staff

Sharon Lim Yee Pin (sharonlim@smu.edu.sg)
Main duty: coordinate hands-on exercise; interact with students; grade students’ projects.

Teaching Assistant

Radhika Kanuga (radhika.2005@sis.smu.edu.sg)
Main duty: help on hands-on exercise, grade students’ in-class quizzes.

Office hour:

By appointment

Course schedule:

Week	Topic	Lab and Assignment
1	Introduction (Chapter 1, 7.1)	Group formation (10 groups)
2	Encryption basics (Chapter 2.1-2.4)	OpenSSL and JCE AesGenKey.java, LabPrep.doc, LapTest.doc
3	DES, AES (Chapter 2.5-2.6, 10.2)	OpenSSL and JCE Lab.doc, AesEncrypt.java, AesDecrypt.java, AesGenKey.java, largefile.txt Assignment 1 (5% due in next class)
4	RSA (Chapter 2.7-2.8, 10.3)	OpenSSL and JCE Lab.doc, RsaGenKey.java, RsaEncrypt.java, RsaDecrypt.java, smallfile.txt, largefile.txt
5	Integrity (Chapter 2.8, 10.3)	OpenSSL and JCE assignment1_ans.doc, week5.zip
6	Certificate, PKI (Chapter 2.8, 7.6)	OpenSSL, email sec, Windows cert mgt COMODO, thawte, review
7	User authentication I (Chapter 4.5)	Quiz (15%)
8	Recess week	Recess
9	User authentication II (Chapter 4.5) Internet security (Chapter 7.3)	Windows passwords, Windows firewall Project draft due before/during class
10	Lab@SAS-SMU Enterprise Intelligence Lab (instructions)	Password cracking Firewall and IDS
11	Access control (Chapter 4.1-4.4, 5.1-5.3)	Java SecurityManager hands_on.zip Assignment 2 (5% due in next class)
12	Project presentation	Teams 2, 4, 6, 8, 10
13	Project presentation	Teams 1, 3, 5, 7, 9
14	Review week (no class)	Project report due on April 7, Monday (10% presentation +15% report)
15	Final exam (40%) 5-7pm, April 16 (Wednesday)	Class participation (10%)

Note: Learning slides are available before each class. The slides may be deleted one week after the class.