Sanjay Goel, School of Business, UAlbany

ITM 604: Communications Networking & Security

Spring 2006 Syllabus

Instructor Information

Sanjay Goel

Office: BA 310b
Hours: M 12:30-2PM & by appt.
PH: (518) 442-4925
FX (518) 442-2568
Email: [email protected]

Jakov (Yasha) Crnkovic

Office: BA 332
Hours: MW 10:00 - 11:30am
PH: (518) 442-5318
FX (518) 442-2568
Email: [email protected]

Class Information

Time:	TH 9:05am-12:10pm
Room:	BA 233
Dates:	January 26 - May 4
Credit(s):	3
Call #:	4044

WebCT (Crnkovic)

Website (Goel)

https://www.albany.edu/~goel/classes/spring2006/itm604

These course websites should be your main sources of course material and contain all relevant course information including details on grading, projects, assignments, course schedule, etc. In addition, these should provide a "living syllabus" and will reflect any changes made to this document.

Text & Reference Books

Text (Networking): Data Communications & Computer Networks: A Business Users' Approach, Third Edition by Curt M. White, ISBN: 0619160357
Text (Security): Secrets and Lies: Digital Security in a Networked World (paperback) by Bruce Schneier, ISBN: 0471453803

Course Overview

This course covers Data Communications, Computer Networking, and Computer Security. The first module of the course focuses on communications where we discuss fundamentals of signal transmission, transmission hardware, and basic communication concepts such as error control and multiplexing. Different wired and wireless media, such as, fiber optic, coaxial cables, cell phones, satellite microwave are also presented. Students learn the pros and cons of selecting different media types. The second module of the class covers Network Topologies, the OSI model, and the TCP/IP protocol suite. This module also covers the various architectures used on the Internet, including client-server, peer-to-peer and n-tier architectures. Also covered is network switching and schemes for routing data on the network. Students will have the opportunity to use network simulation tools. In the third module of the class, vulnerabilities of computer networks and techniques for protecting networks and data are discussed. Basic elements of symmetric and asymmetric cryptography are discussed. Secure Electronic Commerce, involving secure transmission, authentication, digital signatures, digital certificates and Public Key Infrastructure is presented. Issues in privacy, ethics and policies are also discussed where students study technologies like Web Bugs and Carnivore and debate on ethical issues related to privacy. Students go through the process of information security risk analysis through a case study, which consolidates their learning in the modules and hones their critical thinking and analytic skills.

Learning Objectives

Students will learn:

Basic concepts of communications & computer networks
How to use simulation tools for designing & optimizing communication network topologies
Basic concepts of cryptography and Public Key Infrastructure
How to analyze security threats to computer networks and how to protect them
How to research in the focused area of computer networks & network security
Critical thinking skills via debates on the ethics and legal issues involved in electronic data access

GRADING

All students are expected to follow University at Albany guidelines on academic integrity (see the Academic Integrity section for more detail). If any assignment or project submission contains any material (text, diagrams, code, etc.) generated by others (not on your project team), your submission must clearly indicate the source of such material. Failure to indicate the source of the material will be treated as plagiarism. Individuals must work on their own on assignments unless otherwise specified by the professor.

Professor Goel's Assignments and Projects

Assignments- 15%

Assignments can be in-class or take-home and will be designated as individual or group assignments depending on the specific assignments. Please see the Assignments section of the course site for further details and guidelines.

Project - 25%

The project will involve performing a risk analysis based on a case or on their own organization using the risk analysis methodology presented in class. Students will be provided an Excel spreadsheet in which to fill in the matrices for Assets/Vulnerabilities, Vulnerabilities/Threats, and Threats/Controls. Students also provide a written document in which they detail their reasoning for choosing specific values similar to that shown in the case example.

Paper 20%

The paper should be done in pairs or individually and no more than two people in a team and will focus on a security-related topic. If you work in groups of two, make sure that the work is equally divided. The point writing a paper is so that you learn how to do in-depth research on a topic, think carefully and deeply about the issues, and express your own ideas as clearly as possible. Suggested research topics will be provided and students will be given separate topics. Please see the Projects/Papers section of the course site for further details and guidelines.

Professor Crnkovic's Assignments and Projects

The grade for the first part (= 1/3 of the final grade) will reflect the same ratio (60% assignments and 40% exam). There are 9 short projects from the first part of the course to be assigned to groups (groups are randomly generated on the WebCT and please do not ask for any changes since the first three projects are due for presentations in two weeks, 30%). Group 1 will solve the project 1, etc. Each group will prepare one project and submit their documents in appropriate group folder. In addition, each student will prepare one homework assignment (due after the President's week break, on March 16th) and upload it in the Assignment folder of the WebCT (30%). Exam is 40% see below.

Exam- 40%

There will be two exams in the class. The first exam will be multiple-choice and is open-book. It will cover what is learned during the first third of the class with Professor Crnkovic. The second exam will consist of multiple sections (essay-style) in which will cover networking and security. The will have to apply a majority of what has been learned during the last two-thirds of the semester in order to assess individual performance. This can include encryption, digital signature creation, and other topics discussed in the last two-thirds of the course. Students may use the recommended texts, class notes, and PowerPoint presentations. No use of electronic devices (laptops, cellphones, PDA's, etc.) is allowed during testing. A previous exam and sample solution set will be provided for review.

Course Schedule

Date	Topics	Readings	Assignments	Instructor
1/26	Introduction to Computer Networks and Data Communication	White 1 & 2	See WebCT	Crnkovic
1/26	Fundamentals of Data and Signals; The Media; Making Connections	White 3 & 4	See WebCT
2/2	Multiplexing; Errors; Error Detection and Error Control	White 5 & 6	See WebCT
2/2	Local Area Networks	White 7	See WebCT
2/9	Local Area Networks, cont'd.	White 8 & 9	See WebCT
2/9	WAN; First three group presentations	10	See WebCT
2/16	Network Design and Management; Six group presentations	White 14	See WebCT
2/16	Exam 1 (from 10:30am)	White 1-10	See WebCT
3/2	Introduction to the Internet; OSI Model	Notes	See WebCT	Goel
3/2	Network Architectures	Notes	See WebCT
3/9	Security Fundamentals	Notes Schneier 1-5, 8 & 25	Paper Topics Assigned
3/9	Hacker Attacks	Notes Schneier 9-12	Paper Topics Assigned
3/16	Hacker Attacks	Notes Schneier 13, 14, 17 & 22	Paper Due Project Assigned
3/16	Analyzing Computer Security Risk	Notes Schneier 18, 19 & 21	Paper Due Project Assigned
3/23	Managing Computer Security Risk	Notes Schneier 23 & 24
3/30	Security Policies	Notes Schneier 20
4/6	Security Policies, cont'd.	Notes Schneier 20
4/20	Computer Forensics / Hacking Lab	Class Handouts
4/27	Cryptography, PKI, Digital Signatures & Certificates	Notes Schneier 6, 7 & 15	Project Due
5/4	Exam 2	Notes & Book
5/4	Steganography/Watermarking Lab	Notes Schneier 16

Download syllabus: itm604syllabus.pdf