Module Code - Title:
EE2021
-
DATA SECURITY (BLENDED
Year Last Offered:
2023/4
Hours Per Week:
Grading Type:
N
Prerequisite Modules:
Rationale and Purpose of the Module:
This module will develop skills in secure mobile application development and give potential and current ICT professionals the fundamental skills and knowledge to develop web and mobile applications.
This data security module introduces the concept of security services such as authentication, integrity and confidentiality, as well as the role of digital signatures and their implementation using cryptographic ciphers.
This data security modules will also introduce basic security protocols that provide security services and attacks against security services: Replay attack, man in the middle attack.
This module is a flexible learning version of ET4014 Data Security.
Syllabus:
[Introduction to Security Services:] Security attacks, OSI model, security services: concepts of confidentiality, data origin authentication, entity authentication, data-integrity, access control, availability.
[Digital Signatures:] The role of signatures, MACs, Hash functions, digital signatures, public key certificates, X509 certification authorities, e-mail security: PGP.
[Security Protocols:] Introduction to key management, peer-to-peer distribution protocols and identification protocols. Secure web (https/ssl), secure shell (ssh) etc.
[Identification techniques:] Identification tokens and smart cards. Biometric identification: finger prints, retina scan, face recognition, voice recognition.
[Attacks:] Definition of attacker and capabilities of attacker, introduction to attacks on protocols, such as replay attacks, man in the middle attack.
Learning Outcomes:
Cognitive (Knowledge, Understanding, Application, Analysis, Evaluation, Synthesis)
On successful completion of this module, students will be able to:
Explain the basic operation of security services such as authentication, integrity and confidentiality.
Explain the differences between a MAC(message authentication code), a Hash function and a digital signature.
Demonstrate the application of PGP (Pretty Good Privacy).
Explain the basic concept of a security protocol.
Describe (qualitatively) the strengths and weaknesses of different identification techniques.
Describe the fundamental operation of replay attacks and man in the middle attacks
Affective (Attitudes and Values)
On successful completion of this module, students will be able to:
NA
Psychomotor (Physical Skills)
On successful completion of this module, students will be able to:
NA
How the Module will be Taught and what will be the Learning Experiences of the Students:
The module will be delivered in a blended flexible learning format of lectures, labs, tutorial, and learning exercises.
Research Findings Incorporated in to the Syllabus (If Relevant):
Prime Texts:
William Stallings and Lawrie Broen (2017)
Computer Security: Principles and Practice 4e
, Pearson
Pfleeger C.P. and Pfleeger S.L. (2018)
Security in Computing (5e)
, Pearson
Boyd C and Mathuria A (2019)
Protocols for Authentication and Key Establishment
, Springer
Other Relevant Texts:
Reid, P. (2004)
Biometrics and Network Security
, Prentice Hall
Delfs H and Knebl H (2015)
Introduction to Cryptography: Principles and Applications
, Springer-Verlag
Viega J, Messier M and Chandra P (2002)
Network Security with OpenSSL: Cryptography for Secure Communications
, OReilly Media
Gourley D et al (2002)
HTTP: The Definitive Guide
, OReilly Media
Programme(s) in which this Module is Offered:
Semester - Year to be First Offered:
Module Leader:
muzaffar.rao@ul.ie