Pitt IS 2150 - LECTURE NOTES

This preview shows page 1-2-17-18-19-35-36 out of 36 pages.


Slide titles:
IS 2150 / TEL 2810 Introduction to Security
Contact
Course Goals
Certified for IA Standards
Course Outline
Course Material
Prerequisites
Grading
Course Policies
Slide 10
LERSAIS
A Word on SAIS Track
What is Information Security?
Information Systems Security
Basic Components of Security
CIA-based Model
Slide 17
Interdependencies
Security - Years back
Information security today
Slide 21
Terminology
Attack Vs Threat
Common security threats/attacks
Classes of Threats (Shirley)
Policies and Mechanisms
Goals of Security
Assumptions and Trust
Types of Mechanisms
Slide 30
Information Assurance
Assurance
Operational Issues
Human Issues
Tying all together: The Life Cycle
Summary

Slide 1: IS 2150 / TEL 2810 Introduction to Security
James Joshi
Associate Professor, SIS
Lecture 1
August 31, 2009

Slide 2: Contact
- Instructor: James B. D. Joshi
  - 706A, IS Building
  - Phone: 412-624-9982
  - E-mail: [email protected]
  - Web: http://www.sis.pitt.edu/~jjoshi/
  - Office Hours:
    - Monday: 1.30 – 3.00 p.m.
    - By appointments
- GSA: Amirreza Masoumzadeh <[email protected]>

Slide 3: Course Goals
- To develop a broader understanding of the information security field
- Recognize, analyze and evaluate security problems and challenges in networks and systems.
- Apply their knowledge to synthesize possible approaches to solve the problems in an integrated way.
- Analyze and evaluate the fundamentals of security policy models and mechanisms, and their need for different types of information systems and applications
- Apply the basics of Cryptographic techniques and network security for ensuring the basic security goals of security of information systems.
- Recognize the various security issues/terminologies related to software, networks and applications to show how they are interrelated and available techniques and approaches to solve/tackle security problems.
- Describe/identify the various basic social, legal and non-technical dimensions of security and its relation to technical counterparts.

Slide 4: Certified for IA Standards
- SAIS Track is certified for 5 CNSS standards
- This course accounts for about 85% of the first three CNSS standards
  - Hence CORE course for SAIS track
- Course webpage: http://www.sis.pitt.edu/~jjoshi/courses/IS2150/Fall09/

Slide 5: Course Outline
- Security Basics
  - General overview and definitions
  - Security models and policy issues
- Basic Cryptography and Network security
  - Crypto systems, digital signature, authentication, PKI
  - IPSec, VPN, Firewalls
- Systems Design Issues and Information assurance
  - Design principles
  - Security Mechanisms
  - Auditing Systems
  - Risk analysis
  - System verification
- Intrusion Detection and Response
  - Attack Classification and Vulnerability Analysis
  - Detection, Containment and Response/Recovery
- Legal, Ethical, Social Issues
- Evaluation, Certification Standards
- Miscellaneous Issues
  - Malicious code, Mobile code
  - Digital Rights Management, Forensics
  - Watermarking, E/M-commerce security, Multidomain Security
  - Identity/Trust Management

Slide 6: Course Material
- Textbook
  - Introduction to Computer Security, Matt Bishop
    - Errata URL: http://nob.cs.ucdavis.edu/~bishop/
  - Computer Security: Art and Science, Matt Bishop – is fine too
- Other Recommended
  - Security in Computing, Charles P. Pfleeger, Prentice Hall
  - Inside Java 2 Platform Security, 2nd Edition, L. Gong, G. Ellison, M. Dageforde
  - Security Engineering: A Guide to Building Dependable Distributed Systems, Ross Anderson, Wiley, John & Sons, Incorporated, 2001 (newer version)
  - Practical Unix and Internet Security, Simson Garfinkel and Gene Spafford
- Additional readings will be provided
  - Required or Optional

Slide 7: Prerequisites
- Assumes the following background
  - Programming skill
    - Some assignments in Java
  - Working knowledge of Operating systems, algorithms and data structures, database systems, and networks
  - Basic Mathematics
    - Set, logic, induction techniques, data structure/algorithms
- Not sure? SEE ME

Slide 8: Grading
- Lab + Homework/Quiz/Paper review 50%
- Exams 30% includes
  - Midterm: 15%
  - Final: 15%
- Paper/Project 20%
  - List of suggested topics will be posted
  - Encouraged to think of a project/topic of your interest
- Other
  - Seminar (LERSAIS) and/or participation

Slide 9: Course Policies
- Your work MUST be your own
  - Zero tolerance for cheating/plagiarism
  - You get an F for the course if you cheat in anything however small – NO DISCUSSION
  - Discussing the problem is encouraged
- Homework
  - Penalty for late assignments (15% each day)
    - Occasionally you can seek extension under pressing circumstances
  - Ensure clarity in your answers – no credit will be given for vague answers
  - Sample solutions will be provided
- Check webpage for everything!
  - You are responsible for checking the webpage for updates

Slide 10: LERSAIS

Slide 11: LERSAIS
- Laboratory of Education and Research in Security Assured Information Systems
  - Established in 2003
  - National Center of Academic Excellence in Information Assurance Education - Research Program
    - A US National Security Agency program initiated in 1998 through a presidential directive to SECURE the Cyberspace
    - Partnered by Department of Homeland Security since 2003
    - There are 21 such centers now
  - LERSAIS is Pitt’s representative center
- Website: http://www.sis.pitt.edu/~lersais/
  - Check out for Friday Seminars:
    - 2:00PM Welcome Coffee/Cake
    - 2:30-3:30PM Talk

Slide 12: A Word on SAIS Track
- Pitt’s IA curriculum has been certified for Committee on National Security Systems IA Standards
  - CNSS 4011: Information Security Professionals
  - CNSS 4012: Designated Approving Authority
  - CNSS 4013: System Administrator in Information Systems Security
  - CNSS 4014: Information Systems Security Officer
  - CNSS 4015: System Certifiers
- Pitt is one among few Institutions in the US and one of two in the State of Pennsylvania to have five certifications
- Among the first to be designated as CAE-Research

Slide 13: What is Information

