NETWORK SECURITY (CCE)

SHE Level 4
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code MHH624657
Module Leader Martin MacDonald
School School of Computing, Engineering and Built Environment
Subject SCEBE - School Office
Trimesters
  • A (September start)
  • B (January start)

Summary of Content

This course provides an essential study of computer security issues and methods in Computer Networks. Topic to be covered includes Network Security principles and fundamentals of cryptography. The course further explores the network security applications with Key distribution and user authentication, Transport level security and wireless security. The course discusses the security breaches in computer networks, security tools to locate and fix security leaks. The course also provides information about the security monitoring tools and configuration of system for security measures. The electronic mail security principles and IP security is also covered. A detailed look in to the intruders, malicious software like worms and virus, the counter measures are further explored. Finally the security at the network management level is also discussed. Upon this course completion students will be able to identify security threats and vulnerabilities of networks. The course winds up with the legal and ethical aspects of security.

Syllabus

The teaching syllabus will cover the following areas: Introduction to Network Security OSI security architecture- Security attacks - Security Services - Security mechanisms - A model for network security Cryptography Symmetric Encryption and Message Confidentiality Symmetric Encryption Principles-Symmetric Block Encryption Algorithms -Random and Pseudorandom Numbers -Stream Ciphers and RC4 - Cipher Block Modes of Operation - Public-Key Cryptography and Message Authentication - Approaches to Message Authentication -Secure Hash Functions -Message Authentication Codes - Public-Key Cryptography Principles - Public-Key Cryptography Algorithms - Digital Signatures Network Security Applications Key Distribution and User Authentication - Symmetric Key Distribution Using Symmetric Encryption - Kerberos -Key Distribution Using Asymmetric Encryption - X.509 Certificates - Public-Key Infrastructure - Federated Identity Management - Transport-Level Security - Web Security Considerations - Secure Socket Layer and Transport Layer Security - HTTPS -Secure Shell (SSH) Wireless Network Security - IEEE 802.11 Wireless LAN Overview - IEEE 802.11i Wireless LAN Security -Wireless Application Protocol Overview -Wireless Transport Layer Security -WAP End-to-End Security - Electronic Mail Security - Pretty Good Privacy - S/MIME - DomainKeys Identified Mail- IP Security - IP Security Overview -IP Security Policy -Encapsulating Security Payload -Combining Security Associations -Internet Key Exchange -Cryptographic Suites System Security Intruders - Intruders -Intrusion Detection -Password Management Malicious Software - Types of Malicious Software - Viruses - Virus Countermeasures - Worms -Distributed Denial of Service Attacks - Firewalls - The Need for Firewalls -Firewall Characteristics -Types of Firewalls -Firewall Basing - Firewall Location and Configurations - Network Management Security Basic Concepts of SNMP - SNMPv1 Community Facility - SNMPv3 - Legal and Ethical Aspects - Cybercrime and Computer Crime - Intellectual Property - Privacy - Ethical Issues

Learning Outcomes

On completion of this module the student should be able to:1. Describe security governance, and related legal and regulatory issues (AM1). 2. Explain the cryptographic algorithms and protocols underlying network security applications, including encryption, hash functions, digital signatures, and key exchange (AM1, AM 4,AM 5).3. Explain transport layer security and security in wireless systems (AM 1, AM4).4. Classify important network security tools and applications, (AM1, AM 2, AM 3).5. Analyse existing authentication and key agreement protocols (AM1, AM2, AM3).6. Develop SSL or Firewall based solutions against security threats. (AM4).

Teaching / Learning Strategy

The main teaching method will be based on lectures with laboratory exercises used to relate theoretical concepts to practical experience. The students will be expected to perform directed reading exercises and self-learning exercises on emerging technologies. Laboratory time will be used to provide structured exercises to get more practical knowledge about network security.

Indicative Reading

1. William Stallings,(2010),Network Security Essentials: Applications and Standards ,5th Edition, Prentice Hall, ISBN 13: 9780136108054. 2. Charlie Kaufman, Radia Perlman,Mike Speciner (2002), Network Security: Private Communication in a Public World, Prentice Hall, ISBN 13: 9780130460196. 4. Eric Cole; James W. Conley; Ronald Krutz, (2005), Network Security Bible, John Wiley & Sons Inc, ISBN 13: 9780470502495. 5. William R. Cheswick; Aviel D. Rubin; Steven M. Bellovin (2003), , Firewalls and Internet Security: Repelling the Wily Hacker, Addison-Wesley, ISBN 13: 9780201634662. 7. Elizabeth D. Zwicky; Simon Cooper; D. Brent Chapman, (2000), Building Internet Firewalls, Oreilly& Associates Inc, ISBN 13: 9781565928718. 8. Bruce Schneier ,(2004), Secrets and Lies: Digital Security in a Networked World, John Wiley &Sons Inc, ISBN 13: 9780471453802.

Transferrable Skills

Technical literacy, problem solving and synthesis of solutions are enhanced and exercised in all parts of the taught syllabus. The laboratory sessions provide the opportunity for students to further demonstrate and apply knowledge, exercise independent thought, creativity and design appraisal. The student's interpersonal/team skills and practical skills are further exercised with the laboratory and a course work project.

Module Structure

Activity Total Hours
Lectures (FT) 56.00
Practicals (FT) 28.00
Independent Learning (FT) 100.00
Assessment (FT) 16.00

Assessment Methods

Component Duration Weighting Threshold Description
Exam (Exams Office) 3.00 50.00 45% Final Examination - Unseen written examination-3 Hours
Exam (School) 1.50 20.00 n/a Mid-term test - Unseen written examination-1½ Hours
Coursework 1 n/a 30.00 n/a Lab exercise with report-1500 words