MSI 604

Communications, Networking and Computer Security

University at Albany, SUNY

Spring 2004

Instructor Information

Name:              

Sanjay Goel

            Email:

goel@albany.edu

Phone:                         

(518) 442-4925

Office Hours:           

By appointment

            Office Location

BA 310b

Class Information

Time:

TBD

Venue:                         

TBD

Dates:             

September - December

Available Labs:

MIS/HRIS/Security Lab

Course Overview 

This course covers Data Communications, Computer Networking and Computer Security. The first module of the course focuses on communications where we discuss fundamentals of signal transmission, transmission hardware and basic communication concepts such as error control and multiplexing. The second module of the class covers Network Topologies, the OSI model, and the TCP/IP protocol suite. This module also covers the various architectures used on the Internet, including client-server, peer-to-peer and n-tier architectures. Also covered is network switching and schemes for routing data on the network. Students will have the opportunity to use network simulation tools. In the third module of the class, vulnerabilities of computer networks and techniques for protecting networks and data are discussed. Basic elements of symmetric and asymmetric cryptography are discussed. Secure Electronic Commerce, involving secure transmission, authentication, digital signatures, digital certificates and Public Key Infrastructure is also presented. Issues in privacy, ethics and policies are also discussed where students study technologies like Web Bugs and Carnivore and debate on ethical issues related to privacy.

Learning Objectives 

  1. Students learn the basic concepts of Communications & Computer Networks
  2. Students learn to use simulation tools for designing & optimizing communication network topologies
  3. Students understand the basic concepts of cryptography and Public Key Infrastructure
  4. Students learn to analyze security threats to computer networks and the means to protect them
  5. Students learn to research in the focused area of Networks & Security
  6. Students develop critical thinking skills via debates on the ethics and legal issues involved in electronic data access.

Immersion Classes

The class is supplemented by 2-3 immersion classes which are full day classes covering special topics in Computer security. The content of the classes may vary based on the interest of the audience and the availability of the instructor. This is not a mandatory part of the class and is strictly volunteer (without any grade implication) based on the interests of the students. The three potential classes are:

  1. Security Programming using Java - In this class the students learn the basic cryptography classes in java and learn encryption and decryption of data. The students also learn to create message hashes, digital signatures and certificate servers.
  2. Hacking Lab - In this lab students learn to use some hacking tools hands-on. These include password analyzers, network and port scanners and tools for denial-of-service attack as well as spoofing. The purpose of the lab is to train the students in better understand computer security issues in the organizations.
  3. Distributed Computing using Jini - The class will be involved in the development of a service based architecture using Jini. Each student will develop a different service and the class will call each others services. The goal of the class is to teach the students the working and development of a peer-to-peer system. As a part of the class the students will learn how to install, configure and deploy a peer-to-peer system

Books & Software

Text Book

Data Communications & Computer Networks: A Business Users's Approach by Curt M. White

Text Book

Hackers Beware by Eric Cole

Reference

Professional Java Security by Jess Garms and Daniel Somerfield

Reference

Computer Networking, A top down approach featuring the Internet by J. W. Kurose & K Ross

Grading

Homework & Participation

25%

Paper

25%

Exams

50%

Term Paper (on Computer Security)

Students should make two person teams. Each team must complete a term paper on some aspect of computer security. The paper should deal with issues such as payment systems, privacy on the internet, security technology, legal issues in security and computer crimes. The paper should include a broad introduction of the topic and a comprehensive discussion of a few selected aspects of the topic. The paper will be presented in the last class (i.e. Dec 5). All students must be present for all the presentations. The students will be graded on the term paper as well as the quality of the presentations. The paper should not be more than four pages long so the students should make an effort to write four pages of original text. The paper should reflect a clear understanding of the subject by the the student. The presentation should not exceed more than five viewgraphs. Please use your critical thinking skills to be concise and focused on both the paper as well as the presentations.

Assignments

An assignment given in any week is due at the beginning of the class on the same day in the following week. There will be a penalty of 10% per day for late assignments unless there is a very pressing reason for the delay. Please work individually on all assignments. Stop by my office (BA 310b) if you have difficulty in understanding the assignment or the course material discussed in the class.

Course Schedule

Week

Date

Topics

Readings

Class Notes

1

 

Fundamentals of Data and Signals

 

 

Hardware & Media Types

 

 

2

 

Multiplexing

 

 

 

Error Control

 

 

3

 

Local Area Networks:Basics

 

 

 

Local Area Networks:Internetworking

 

 

4

 

Internet Architecture

 

 

 

Layered Internet Model 

 

 

5

 

Routing

 

 

 

Routing contd.

 

 

6

 

Network Congestion Control

 

 

 

Review

 

 

7

 

Exam I

 

 

 

Introduction to Security

 

 

8

 

Hacker Attacks

 

 

 

Hacker Attacks

 

 

9

 

Cryptography - Symmetric & Asymmetric

 

 

 

Cryptography contd.

 

 

10

 

Public Key Infrastructure, digital Signatures, Digital Certificates

 

 

 

Watermarking and Steganography 

 

 

11

 

Analyzing Computer Security Risk

 

 

 

Managing Computer Security Risk

 

 

12

 

Exam II

  

 

 

Discussion on Privacy in the Workplace

 

 

13

 

Privacy on the Internet (Carnivore)

 

 

 

Privacy on the Internet (Web bugs)

 

 

14

 

Current Topic

 

 

 

Current Topic

 

 

15

 

Student Presentations

 

 

 

Student Presentations