Syllabus for CS-5331
CS-5331 Network Security

Dr.  Michael Sobolewski
Room: CP-310
Office hours: Tuesday 11:00 am to 1:00 pm. - or by appointment

Course Information
Network Security
Location: CP204
Time:  9:30-10:50 a.m., Tu, Th

Course webpage is We will make extensive use of the class WWW site. You should check the WWW page on a near daily basis for updates.

With the explosive growth of the Internet, Web applications, and Web services, the majority of today’s programs and applications require some form of network security. This course covers vulnerabilities of the network and techniques for protecting data such as cryptography and steganography. Standards including PKI, IPsec, and SSL/TLS that are used for secure data transmission will also be discussed. The class will include security programming using Java language to supplement the theory covered in the classes. By the end of this course, you will have acquired a deep understanding of various network security concepts and protocols and developed extensive knowledge that you can use to develop sophisticated secure network applications. Case studies, programming projects, term papers support the course.

[1] Network Security, Charlie Kaufman, 2nd Edition, Radia Perlman, Mike Speciner, ISBN: 0-13-046019-2, Prentice Hall PTR, 2002.
[2] Professional Java Security, Jess Garms, Daniel Somerfield, ISBN: 1861004257, Wrox Press, 2001.

[1] Java 2 Network Security, 2nd Edition, Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, Ashok K. Ramani, ISBN: 0-13-015592-66, Prentice Hall PTR, 2002.
[2] Java Security, 2nd Edition, Scott Oaks, ISBN: 0-596-00157-6, O’Reilly & Associates, 2001.
[3] Java Cryptography, 2nd Edition, Jonathan Knudsen, ISBN: 1-56592-402-9, O’Reilly & Associates, 1998.
[4] Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition, Bruce Schneier , ISBN: 0471117099, John Wiley & Sons, 1995.
[5] Building Internet Firewalls, 2nd Edition, Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman , ISBN: 1-56592-871-7, O’Reilly & Associates, 2000.

Tentative Course Outline

  1. Introduction
  2. Primer on Networking
  3. Layers and Cryptography
  4. The Multi-level Model of Security
  5. Understanding Java Security
  6. Introduction to Cryptography
  7. Secret Key Cryptography
  8. Modes of Operation
  9. Message Digests, Signatures, and Certificates
  10. Public Key Algorithms
  11. Overview of Authentication Systems
  12. Authentication of People
  13. Security Handshake Pitfalls
  14. Strong Password Protocols
  15. Public Key Infrastructure
  16. IPsec
  17. SSL/TLS
  18. Electronic Mail Security
  19. Firewalls

Course Delivery Format/Policies
This course consist of lectures, in-class exercises, informal quizzes, homework assignments, a term paper on network security, and a final exam.

Informal quizzes will be held handed out for your practice two-three weeks, just to quickly recap material. Informal quizzes will consist of true/false answers. There is no grading of informal quizzes.

Homework assignments will contain problems, short-answer questions, reading exercises and Java programming tasks. Homework assignments should be handed in at the beginning of lecture on which it is due. For late submissions there will be a penalty of 10% for lateness. Late submissions will not be accepted after the day solutions are made available to the class. Please work individually on all assignments. Stop by my office if you have difficulty in understanding the assignment or the course material discussed in the class.

Term Papers: Students should make two persons teams. Each team must complete a term paper on some aspect of network security or a completed project. The paper should deal with issues such as privacy, cryptography, security technology, standards, legal issues, or an implemented project. The paper should include a broad introduction of the topic and a comprehensive discussion of a few selected aspects of the topic. The paper will be presented during the last two classes. All students must be present for all the presentations. The students will be graded on the term paper as well as the quality of the presentations. The paper should not exceed more than six pages and should reflect a clear understanding of the subject by the student. The presentation should not exceed more than six viewgraphs. Please use your critical thinking skills to be concise and focused on both the paper as well as the presentations.Exams will be open-book/notes, but will be extremely time-constrained. Material from handouts, textbooks and reading/homework assignments  will be included in the scope of the exams.

Point Distribution:

Homework Assignments  (5)25%
Midterm Exam25%
Final Exam25%

Late Policy:
Late work will not be accepted. Each homework and programming assignment will have a posted deadline. Deadlines are absolute. Failure to submit an assignment by the deadline will result in a grade of 0. There are no exceptions. A written excuse from the dean or health office is the only acceptable form of excuse. This will result a minimum extension to the deadline to complete the assignment.

Questions about grades:
After each graded assignment is returned students will have one week following the return of the assignment to question the grade assigned with either the course instructor or TA. After one week has passed the grade becomes final and will not change. This applies to all programming assignments, homework and tests.

The purpose of these different instruments is to have a positive learning experience, critical thinking about Java programming, and some sound grasp of fundamentals. If you feel any of these instruments is not working for any reason, please send me email and I will consider a change in the format of delivery.

Student-teacher relationships are based on trust. Acts, which violate this trust, undermine the educational process. Your classmates and the instructor will not tolerate violations of academic integrity.(see Statement of Academic Conduct for Engineering Students, College of Engineering Texas Tech University).