ECE 493 Topic 10: Communication System Security
Winter 2009
Instructor: Professor G. Gong
Office: EIT 4158, x35650, Email: ggong at ece.uwaterloo.ca
http://comsec.uwaterloo.ca/~ggong
Office hours: 5:30-6:30 Mon or by appointment
Teaching Assistant: Xinxin Fan
Course Description
This course introduces the principles of communication system security. The course covers security architecture and infrastructure, basic principles of trust and trust models. Network domain security, protected tunnels, intrusion detection. Access authentication, remote access, authenticator models and mechanisms, authentication servers and protocols. Broadcasting and multicast security, key tree, key management and distribution. Wireless terminal security, hardware based trust model, secure boot, operating system security management, software authentication and authorization. Seamless security for mobility, security cross radio technologies, emission security, physical layer security.
Prerequisites
ECE 223, ECE 316
Resources
Lectures: 1:00-2:20 TTh, RCH 309
Tutorials: Thursdays, 8:00-8:50pm, RCH 309
Course text: L.D. Chen and G. Gong, Communication System Security, draft, 2008.
References:
  1. R. Anderson, Security Engineering - A Guide to Building Dependable Distributed Systems, Wiley, 2001. (QA76.9.A25 A54)
  2. C.P. Pfleeger and S.L. Pfleeger, Security in Computing, 4th ed., Prentice Hall, 2007. (QA76.9.A25 P45)
  3. L. Buttyán and J.P. Hubaux, Security and Cooperation in Wireless Networks: Thwarting Malicious and Selfish Behavior in the Age of Ubiquitous Computing, New York, Cambridge University Press, 2008. (TK5102.85 .B88)
Topics
  1. Introduction to Communication System Security: Basic information security concepts and protection mechanisms, confidentiality, integrity and authenticity, trust model, threat model, and protected communications (Chapter 1, slides).
  2. Security Architecture and Infrastructure: Infrastructure support, authentication server, certificate authority, and key generation and distribution (Chapter 2, slides).
  3. Practical Crypto Algorithms: LFSR based pseudorandom sequence/number generators, stream ciphers, block ciphers, secure hash functions, and public-key crypto algorithms (Appendix A, Appendix B, Appendix C, Appendix D, slides part 1, slides part 2).
  4. Network Domain Security: Domain concept, establish trusted communications, protected tunnels, protection algorithm negotiation, network security protocols (IPsec, TLS), protection models, and intra-domain versus inter-domain protections (Chapter 3, slides part 1, slides part 2).
  5. Access Authentication Protocols and Infrastructure: Basic concepts in access authentication, UMTS authentication and key agreement (AKA), authentication, authorization, and accounting (AAA), and extensible authentication protocol (EAP) (Chapter 4, slides).
  6. Trusted Platform: Hardware based trust model, secure boot, operating system security management, software authentication and authorization, protected memory and storage, and trusted platform module (Chapter 7, slides).
  7. Broadcast and Multicast Key Distribution and Authentication: key sharing scenarios, key tree based multicast key distribution, hash chain based message and access authentication, and Merkle tree based authentication (Chapter 8, slides part 1, slides part 2).
  8. Wireless Network Security and Security for Mobility: radio link protection, seamless security for mobility, secure handover, and physical layer security (Chapters 5-6, slides).
Homework Assignments
  • Assignment 1
  • Solutions [posted February 10, 2009]
  • Assignment of Topic 4: 1, 5, 8, 9, 10
  • Solutions [posted February 25, 2009]
  • Assignment of Topic 5: 1, 3, 5, 6
  • Solutions [posted March 17, 2009]
  • Assignment of Topic 6: 1, 2, 3
  • Solutions [posted March 26, 2009]
  • Assignment of Topic 7: 1, 2, 3
  • Solutions [posted April 2, 2009]
Tutorials
The tutorials will be for the purposes of (1) answering questions about the course materials, (2) providing example problems that illustrate applications of the theory introduced in the lectures and detailing methods of assignment solutions, and (3) elaborating the course materials if necessary.
Course Grading
Midterm Exam: 30%
Final Exam: 55%
Assignment: 5%
Project: 10%
Due Dates of Assignment and Project
Assignment 1: February 5
Project (individual based): March 26
Project Description (pdf, slides)
Last Modified: April 2, 2009