ITM 604: Communications Networking & Security
Spring 2006 Syllabus
Sanjay GoelOffice: BA 310b
Hours: M 12:30-2PM & by appt.
PH: (518) 442-4925
FX (518) 442-2568
Jakov (Yasha) CrnkovicOffice: BA 332
Hours: MW 10:00 - 11:30am
PH: (518) 442-5318
FX (518) 442-2568
|Dates:||January 26 - May 4|
These course websites should be your main sources of course material and contain all relevant course information including details on grading, projects, assignments, course schedule, etc. In addition, these should provide a "living syllabus" and will reflect any changes made to this document.
Text & Reference BooksText (Networking): Data Communications & Computer Networks: A Business Users' Approach, Third Edition by Curt M. White, ISBN: 0619160357
Text (Security): Secrets and Lies: Digital Security in a Networked World (paperback) by Bruce Schneier, ISBN: 0471453803
Course OverviewThis course covers Data Communications, Computer Networking, and Computer Security. The first module of the course focuses on communications where we discuss fundamentals of signal transmission, transmission hardware, and basic communication concepts such as error control and multiplexing. Different wired and wireless media, such as, fiber optic, coaxial cables, cell phones, satellite microwave are also presented. Students learn the pros and cons of selecting different media types. The second module of the class covers Network Topologies, the OSI model, and the TCP/IP protocol suite. This module also covers the various architectures used on the Internet, including client-server, peer-to-peer and n-tier architectures. Also covered is network switching and schemes for routing data on the network. Students will have the opportunity to use network simulation tools. In the third module of the class, vulnerabilities of computer networks and techniques for protecting networks and data are discussed. Basic elements of symmetric and asymmetric cryptography are discussed. Secure Electronic Commerce, involving secure transmission, authentication, digital signatures, digital certificates and Public Key Infrastructure is presented. Issues in privacy, ethics and policies are also discussed where students study technologies like Web Bugs and Carnivore and debate on ethical issues related to privacy. Students go through the process of information security risk analysis through a case study, which consolidates their learning in the modules and hones their critical thinking and analytic skills.
Learning ObjectivesStudents will learn:
- Basic concepts of communications & computer networks
- How to use simulation tools for designing & optimizing communication network topologies
- Basic concepts of cryptography and Public Key Infrastructure
- How to analyze security threats to computer networks and how to protect them
- How to research in the focused area of computer networks & network security
- Critical thinking skills via debates on the ethics and legal issues involved in electronic data access
GRADINGAll students are expected to follow University at Albany guidelines on academic integrity (see the Academic Integrity section for more detail). If any assignment or project submission contains any material (text, diagrams, code, etc.) generated by others (not on your project team), your submission must clearly indicate the source of such material. Failure to indicate the source of the material will be treated as plagiarism. Individuals must work on their own on assignments unless otherwise specified by the professor.
Professor Goel's Assignments and Projects
Assignments- 15%Assignments can be in-class or take-home and will be designated as individual or group assignments depending on the specific assignments. Please see the Assignments section of the course site for further details and guidelines.
Project - 25%The project will involve performing a risk analysis based on a case or on their own organization using the risk analysis methodology presented in class. Students will be provided an Excel spreadsheet in which to fill in the matrices for Assets/Vulnerabilities, Vulnerabilities/Threats, and Threats/Controls. Students also provide a written document in which they detail their reasoning for choosing specific values similar to that shown in the case example.
Paper 20%The paper should be done in pairs or individually and no more than two people in a team and will focus on a security-related topic. If you work in groups of two, make sure that the work is equally divided. The point writing a paper is so that you learn how to do in-depth research on a topic, think carefully and deeply about the issues, and express your own ideas as clearly as possible. Suggested research topics will be provided and students will be given separate topics. Please see the Projects/Papers section of the course site for further details and guidelines.
Professor Crnkovic's Assignments and Projects
Exam- 40%There will be two exams in the class. The first exam will be multiple-choice and is open-book. It will cover what is learned during the first third of the class with Professor Crnkovic. The second exam will consist of multiple sections (essay-style) in which will cover networking and security. The will have to apply a majority of what has been learned during the last two-thirds of the semester in order to assess individual performance. This can include encryption, digital signature creation, and other topics discussed in the last two-thirds of the course. Students may use the recommended texts, class notes, and PowerPoint presentations. No use of electronic devices (laptops, cellphones, PDA's, etc.) is allowed during testing. A previous exam and sample solution set will be provided for review.
|1/26||Introduction to Computer Networks and Data Communication||White 1 & 2||See WebCT||Crnkovic|
|Fundamentals of Data and Signals; The Media; Making Connections||White 3 & 4|
|2/2||Multiplexing; Errors; Error Detection and Error Control||White 5 & 6||See WebCT|
|Local Area Networks||White 7|
|2/9||Local Area Networks, cont'd.||White 8 & 9||See WebCT|
|WAN; First three group presentations||10|
|2/16||Network Design and Management; Six group presentations||White 14||See WebCT|
|Exam 1 (from 10:30am)||White 1-10|
|3/2||Introduction to the Internet; OSI Model||Notes||See WebCT||Goel|
Schneier 1-5, 8 & 25
|Paper Topics Assigned|
Schneier 13, 14, 17 & 22
|Analyzing Computer Security Risk||Notes
Schneier 18, 19 & 21
|3/23||Managing Computer Security Risk||Notes
Schneier 23 & 24
|4/6||Security Policies, cont'd.||Notes
|4/20||Computer Forensics / Hacking Lab||Class Handouts|
|4/27||Cryptography, PKI, Digital Signatures & Certificates||Notes
Schneier 6, 7 & 15
|5/4||Exam 2||Notes & Book|
Download syllabus: itm604syllabus.pdf