1

SKR 5200 Advanced Network SecurityAzizol Bin Hj. Abdullah, Phd

Faculty of Computer Science & Information TechnologyUniversity Putra Malaysia

43400 UPM Serdang, Selangor

2

Introduction & Welcome

Contact Information : Dr. Azizol Bin Hj. AbdullahRoom No. : C1-26 (Blok C)Office Phone : 03-89471728 Mobile : 012 2085125Email : azizol@fsktm.upm.edu.my

3

SKR4200 Web Page

Course web page:

Using Email

LMS

just navigate from http://www.fsktm.upm.edu.my/

This should be your first port of call for all course-related information:

electronic copies of lecture notes.

additional resources – web links, etc.

recommended reading – whitepapers, course textbooks.

details of tutorials, additional support,…

and more…

4

Additional Support

Exercise sheets:

purely optional entertainment for you

available on SKR5200 website and during lecturing.

three types of question:

basic: to test your knowledge;

intermediate: to extend you beyond the lecture notes;

advanced: to lead you towards research issues.exercises will be discussed in lecturing time and during office hours.

Practical lab sessions

Upon request

Depend on availability

5

Course Textbook

This semester, we are recommending:

Stallings, W. (2006). Cryptography and Network Security. New Jersey: Prentice-Hall.

Douglas E. Comer. (2005). Internetworking with TCP/IP, Vol.1: Principles, Protocols and Architectures. New Jersey: Prentice-Hall.

Stallings, W. (2006). Network Security Essentials: Applications and Standards. New Jersey: Prentice-Hall. 

Mather, T., Kumaraswamy, S. and Latif, S. (2009). Cloud Security and Privacy. Sebastopol: O’Reilly Media.

Also of interest: Internet & other security books that can help you to understand

6

Course Evaluation

•Individual Assignment : 20% •Group Project : 20 %

(7.5% Demo & Presentation + 7.5% Report + 5% Working)

• Mid-Term : 20 %• Final Examination : 40 %

• Examination as part of 2 ½ hour exam.• Mixture of essay style and technical questions (problem solving) If you’re worrying about this already,

you’re worrying about the wrong thing!

7

1. Able to explain principals and techniques in network security.

2. Able to build and implement a network security system ininformation security and follows the industry standard.

3. Can identify and analyze a problem in complex situation and be able to evaluate and presenting in a group.

4. Searching and handling an information which is relevant form a different sources.

Course Deliverables

8

This course covers the advanced topics of cryptography such as symmetric encryption, public key encryption and hash function. It also emphasises the practice of network security, practical applications that have been and are being practised such as Kerberos authentication application, e-mail security, IP security and web security to assure network security is guaranteed.

Kursus ini merangkumi topik-topik lanjutan dalam kriptografi seperti penyulitan simetri, penyulitan kunci awam dan fungsi cincang. Ia juga menekankan tentang amalan keselamatan rangkaian, aplikasi-aplikasi praktikal yang telah dan sedang diamalkan seperti aplikasi pengesahan Kerberos, keselamatan mel elektronik, keselamatan IP dan keselamatan web untuk memastikan keselamatan rangkaian terjamin.

Course Synopsis

9

Overview of SKR5200

Cryptography and Network Security Introduction

Attacks, services, and mechanismsSecurity attacks, Security services

Symmetric EncryptionSymmetric Encryption PrinciplesSymemetric Encryption AlgorithmsCipher Block Modes of OperationLocation of Encryption DevicesKey Distribution

WEEK 1

10

Overview of SKR5200

Symmetric EncryptionSymmetric Encryption PrinciplesSymemetric Encryption AlgorithmsCipher Block Modes of OperationLocation of Encryption DevicesKey Distribution

Public-key EncryptionPublic-key Cryptography PrinciplesRSAKey managementDiffie Hellman key-exchange

WEEK 2

11

Overview of SKR5200

Message Authentication & Hashing

Secure Hash Functions and HMACAlgorithmDigital SignaturesKey Management

WEEK 3

12

Overview of SKR5200

Message Authentication & Hashing

Secure Hash Functions and HMACAlgorithmDigital SignaturesKey Management

WEEK 4

13

Overview of SKR5200

Authentication ApplicationsKerberosX.509 Authentication Service

WEEK 5

14

Overview of SKR5200

Authentication ApplicationsKerberosX.509 Authentication Service

WEEK 6

15

Overview of SKR5200

Electronic Mail SecurityPretty Good PrivacyS/MIMESNMP

WEEK 7

16

Overview of SKR5200

Electronic Mail SecurityPretty Good PrivacyS/MIMESNMP

WEEK 8

17

Overview of SKR5200

Security ProtocolsIPsec and Virtual Private Networks (VPN)Secure Sockets Layer/Transport Layer Security (SSL/TLS)Secure SHell (SSH)

WEEK 9

18

Overview of SKR5200

Security ProtocolsIPsec and Virtual Private Networks (VPN)Secure Sockets Layer/Transport Layer Security (SSL/TLS)Secure SHell (SSH)

WEEK 10

19

Overview of SKR5200

Firewall Firewall Design PrinciplesTrusted SystemsAttacks

WEEK 11

20

Overview of SKR5200

Firewall Firewall Design PrinciplesTrusted SystemsAttacks

WEEK 12

21

Overview of SKR5200

Wireless SecurityIEEE 802.11BluetoothMobile Communication Security

WEEK 13

22

Overview of SKR5200

Wireless SecurityIEEE 802.11BluetoothMobile Communication Security

WEEK 14

23

Requirement, Algorithms, Deployment & Security Issues

Qu

adrant 1 Security Services

Concepts & StandardsX.800

Security on servicesFirewallUnguided Media

Quadrant 4 System Security

Message AuthenticationAuthenticationProtocols

Qu

adrant 3 A

uthentication

Application

Quadrant 2Cryptography

Cryptography AlgorithmsSymmetric &Asymmetric Key distribution and management.

Network Security Direction Approach(Four Quadrants)

24

Reminder

make a best effort to arrive on time for lectures

if late, arrive quietly

return on time from coffee breaks

switch off mobile phones (that also means no texting)

use the website and other resources

use lectures as a starting point for further study, not the end point of your learning

25

A Proposed Time

6.30 - 7.30 : Lecture

7.31 - 8.00 : Break

8.01 - 9.30 : Lecture

26

Any Questions or Suggestions????