The University of Massachusetts Amherst
Categories
Readings

Information Security Law

I am attaching the notes that I used for our last lecture on information security law.

infosec-laws.pdf

Also take a look at the following articles; they add a good deal of context to the laws and their relevance, and introduce some case law:

http://www.securityfocus.com/infocus/1669
http://www.securityfocus.com/infocus/1681
http://www.securityfocus.com/infocus/1693
http://www.securityfocus.com/infocus/1710

Categories
Readings

Kerberos readings

If you did not understand Kerberos from the lecture in class, many people have found this description helpful. Make sure that you understand the Kerberos protocol and bring any questions to class on Thursday.

http://web.mit.edu/kerberos/dialogue.html

Categories
Slides

Kerberos, Web authentication and Buffer Overflow slides

These are the slides we have covered in class recently.

460-lec12-authn.pptx.pdf

460-f06-lec12a-overflow.pptx.pdf

Categories
Assignments

Lab 3

Lab 3 is due at the beginning of class on 9 December 2010.

460-lab3-f09-incident.pdf

Categories
Slides

Web Application Security

Below are the web application slides we discussed in class today.

460-lec11-webapps.pptx.pdf

Categories
Readings Slides

SSL slides and readings

Below are the slides that we started in class on Tuesday and will continue today.

460-lec10-ssl.ppt.pdf

Also, I am assigning reading about a fairly recent SSL vulnerability. You should have all that you need to understand the threat. This material will be covered on a future quiz.

Paper on the attack: http://extendedsubset.com/?p=8

(Note: review both the paper itself and the diagrams, both available as PDFs linked from the above. Now that you know how to use Wireshark, you can also replay the packet captures at the above link.)

Media coverage: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=221600523

Categories
Assignments

Lab 2 (**note changed due date**)

Lab 2 is due at the beginning of class on Tuesday 23 November.

460-lab2-packet-analysis

Categories
Exams

Exam 1 (rescheduled)

I will need to reschedule Exam 1. It was originally to be given in class on Thursday 28 October 2010. The exam will be given on Tuesday 26 October in class.

This exam will cover all material since the beginning of the semester: slides, readings, course discussion, etc. I will provide additional details in class on Thursday.

If you were scheduled to do your presentation on this date, please see me after class so that I can reschedule.

I have also posted a sample exam below.

sample-exam

Categories
Assignments

Homework 3 (changed due date)

Due Date: 2 November 2010

Introduction to Computer Security, Matt Bishop

Design Principles: Ch 12: ex 2
Malicious Logic: Ch 19: ex 1
Network Security: Ch 23: ex 4
System Security: Ch 24: ex 4, 7
User Security: Ch 25: ex 5, 6

Categories
Uncategorized

Firewalls and IDS

Attached are both the firewall slides and the IDS slides, both of which would make some fine quiz questions.

460-lec8-firewalls.pptx.pdf

460-lec9-ids.ppt.pdf