Security and privacy issues

Source: KakuWiki
Revision as of 6 July 2006, 12:30 by user Kakk (→‎Books)

The course aims to give students a good overview of security- and privacy-related issues in today's networked world. The lectures will deal with a variety of related problems and provide general insight and somewhat more theoretical knowledge, while assignments and labs should build up the students' practical skills.

The Course

  • 16 weeks (one semester/term), 2 academic hours of lectures and 1 hour of labs weekly (2-0-1) - in practice, one 1.5-hour lecture every week, one 1.5-hour lab every other week, plus independent work.
  • 3.0 Estonian academic credits, 4.0 ECTS credits

Lectures

The initial ideas:


1. The broomstick at the door: security and privacy in different times
2. The clash of motivations: different players in the field
3. Rid the fools of their money – the online world of crime and fraud
4. The Windows Special – viruses and other malware
5. Practices, policies and user education (based on The Day When My Stupidity Hurt the Whole World)
6. Hackers, crackers and coloured hats (=> Honeypot Project)
7. The Big Brother: privacy in the Internet Age
8. The identity crisis: threats from stolen identity
9. Wireless freedom or ubiquitous nightmare?
10. The Mark of the Beast? Dissecting the ID card
11. Cryptography – a friend or an enemy (incl. al-Qaida's steganography stuff)
12. Freedom of speech, whistleblowing and stepping on others' toes
13. The Orwellian Internet: online censorship
14. The security industry (antivirus, firewall, blocking, parental control)
15. Open vs closed – does security via obscurity really work?
16. The presentation of student papers

Labs

Here, some more thought is needed. Most of the students have probably never seen anything but Windows, and this is what they will probably mostly see in the near future. Also, there is no other system so vulnerable. OTOH, some broadening of horizons could be nice. So, currently the subjects will be as follows:

1. Basics of administration (probably using MS Windows as the example; administrative tasks, Control Panel etc. Also includes the main Internet protocols and tools like telnet/ssh, ftp/sftp/scp, ping, traceroute etc.)
2. Basic securing of a Windows installation - ?? Maybe merge 1 and 2 and do something else in a lab?
3. Overview of freely available security-related software (antivirus, antispyware, firewall)
4. Understanding firewalls
5. Cleaning after a dumbuser I – a clean but un/misconfigured machine
6. Cleaning after a dumbuser II – a real-life scenario (a typical malware-infested computer)
7. Learning to use encryption tools
8. Taking the other road: let's install Linux (most stress on security/privacy features)

Independent work

  • monitoring certain security webfeeds and writing commentary on one's blog
  • independent testing of free security tools and writing a report/review
  • writing a course paper on a more general security-related topic and presenting it to others


References

Books

  • LEVY, Steven (2004). Crypto: How The Code Rebels Beat The Government - Saving Privacy In The Digital Age. Diane Publishing Co. ISBN 0756777887
  • MITNICK, Kevin (2003). The Art of Deception: Controlling the Human Element of Security. John Wiley & Sons Inc. ISBN 0-4712-3712-4
  • THOMAS, Douglas (2002). The Hacker Culture. University of Minnesota Press. ISBN 0-8166-3346-0

Web