Computer Security

Course aims

After having taken this course, the participant should be able to treat computer security problems in a structured way. This includes ability to estimate the vulnerability and threats concerning a given system, and to create a rough policy and computer security plan. It also means knowledge of different possible security products concerning their function and efficiency in general and their usefulness for the intended situation.

Remember that the course is defined by the lecture slides in the first hand.

Contents

In order to pass the course each participant must:

• know and be able to apply the three basic criteria for computer security, Confidentiallity, Integrity, Availability
• be able to analyse a simple situation from a computer security point of view, point out relevant threats, identify possible countermeasures and evaluate their efficiency
• know the terminology, so that countermeasures are correctly named and threat descriptions correctly understood

This means in detail that in different areas the student must:

Analysis of need for protection

• be familiar with analyses like cost-benefit analysis, risk assessment etc.
• know and be able to use the three categories known as CIA.

  Availability

• understand the concept and its connections to intentional and unintentional threats.
• recognise which threats, like deliberate network flooding, that are threats against availability

  Access control

• understand the concepts of confidentiality and integrity and be able to recognise when tools are aimed at only one of the concepts
• know the three main categories for identity verification of users and be able to evaluate their advantages and drawbacks in a given situation.
• know the basic terminology of access policies.
• be able to explain the more common formal policy models Bell-LaPadula and Biba.
• know about basic tools for implementation of access control like capabilities, ACL:s etc.
• Understand the concepts of Reference Monitor, Security Kernel and Trusted Computing Base.

  Network and distributed security

• understand the problem of identity in a network, the use of certificates and the role of crypto-based authentication
• know the basic properties of Kerberos, SSL/TLS and IPSec
• know what a firewall is, what it can do and what it cannot do.
• understand the concept and use of DMZ
• understand the concepts and use of IDS
• have a correct understanding of what exactly Trojan horses, viruses, worms and logic bombs are
• be able to analyse threats like viruses and network spoofing in terms of access control problems.

  Cryptographic tools

• understand the role of cryptography as a tool in access control.
• be able to explain words like algorithm, key, cryptoanalysis etc
• know the basics of cryptographic tools like stream ciphers, block ciphers, public key ciphers and digital signatures.
• understand the problems and possibilities concerning key generation and distribution, including PKI and certificates.
• be able to evaluate the use of different kinds of cryptographic tools in given situations.