Office hours: Tuesday 11:00 am to 1:00 pm. - or by appointment
Time: 9:30-10:50 a.m., Tu, Th
Course webpage is
http://security.cs.ttu.edu. We will
make extensive use of the class WWW site. You should check the WWW
page on a near daily basis for updates.
With the explosive
growth of the Internet, Web applications, and Web services, the
majority of today’s programs and applications require some form of
network security. This course covers vulnerabilities of the network
and techniques for protecting data such as cryptography and
steganography. Standards including PKI, IPsec, and SSL/TLS that are
used for secure data transmission will also be discussed. The class
will include security programming using Java language to supplement
the theory covered in the classes. By the end of this course, you
will have acquired a deep understanding of various network security
concepts and protocols and developed extensive knowledge that you
can use to develop sophisticated secure network applications. Case
studies, programming projects, term papers support the course.
 Network Security, Charlie Kaufman, 2nd Edition, Radia Perlman,
Mike Speciner, ISBN: 0-13-046019-2, Prentice Hall PTR, 2002.
 Professional Java Security, Jess Garms, Daniel Somerfield, ISBN:
1861004257, Wrox Press, 2001.
 Java 2 Network Security, 2nd Edition, Marco Pistoia, Duane F.
Reller, Deepak Gupta, Milind Nagnur, Ashok K. Ramani, ISBN:
0-13-015592-66, Prentice Hall PTR, 2002.
 Java Security, 2nd Edition, Scott Oaks, ISBN: 0-596-00157-6,
O’Reilly & Associates, 2001.
 Java Cryptography, 2nd Edition, Jonathan Knudsen, ISBN:
1-56592-402-9, O’Reilly & Associates, 1998.
 Applied Cryptography: Protocols, Algorithms, and Source Code in
C, 2nd Edition, Bruce Schneier , ISBN: 0471117099, John Wiley &
 Building Internet Firewalls, 2nd Edition, Elizabeth D. Zwicky,
Simon Cooper, D. Brent Chapman , ISBN: 1-56592-871-7, O’Reilly &
Tentative Course Outline
Primer on Networking
Layers and Cryptography
The Multi-level Model of Security
Understanding Java Security
Introduction to Cryptography
Secret Key Cryptography
Modes of Operation
Message Digests, Signatures, and Certificates
Public Key Algorithms
Overview of Authentication Systems
Authentication of People
Security Handshake Pitfalls
Strong Password Protocols
Public Key Infrastructure
Electronic Mail Security
This course consist of lectures,
in-class exercises, informal quizzes, homework assignments, a term
paper on network security, and a final exam.
Informal quizzes will be held handed out for
your practice two-three weeks, just to quickly recap material.
Informal quizzes will consist of true/false answers. There is no
grading of informal quizzes.
Homework assignments will contain problems,
short-answer questions, reading exercises and Java programming
tasks. Homework assignments should be handed in at the beginning of
lecture on which it is due. For late submissions there will be a
penalty of 10% for lateness. Late submissions will not be accepted
after the day solutions are made available to the class. Please work
individually on all assignments. Stop by my office if you have
difficulty in understanding the assignment or the course material
discussed in the class.
Term Papers: Students should make two persons
teams. Each team must complete a term paper on some aspect of
network security or a completed project. The paper should deal with
issues such as privacy, cryptography, security technology,
standards, legal issues, or an implemented project. The paper should
include a broad introduction of the topic and a comprehensive
discussion of a few selected aspects of the topic. The paper will be
presented during the last two classes. All students must be present
for all the presentations. The students will be graded on the term
paper as well as the quality of the presentations. The paper should
not exceed more than six pages and should reflect a clear
understanding of the subject by the student. The presentation should
not exceed more than six viewgraphs. Please use your critical
thinking skills to be concise and focused on both the paper as well
as the presentations.Exams will be open-book/notes, but will
be extremely time-constrained. Material from handouts, textbooks and
reading/homework assignments will be included in the scope of
Late work will not be accepted. Each homework and programming
assignment will have a posted deadline. Deadlines are absolute.
Failure to submit an assignment by the deadline will result in a grade
of 0. There are no exceptions. A written excuse from the dean or
health office is the only acceptable form of excuse. This will result
a minimum extension to the deadline to complete the assignment.
Questions about grades:
After each graded assignment is returned students will have one week
following the return of the assignment to question the grade assigned
with either the course instructor or TA. After one week has passed the
grade becomes final and will not change. This applies to all
programming assignments, homework and tests.
The purpose of these
different instruments is to have a positive learning experience,
critical thinking about Java programming, and some sound grasp of
fundamentals. If you feel any of these instruments is not working for
any reason, please send me email and I will consider a change in the
format of delivery.
Student-teacher relationships are based on
trust. Acts, which violate this trust, undermine the educational
process. Your classmates and the instructor will not tolerate
violations of academic integrity.(see
Statement of Academic Conduct for Engineering Students, College of
Engineering Texas Tech University).