Page 1 of 1

Module Code - Title:

ET4014 - DATA SECURITY

Year Last Offered:

2023/4

Hours Per Week:

Lecture

2

Lab

2

Tutorial

1

Other

0

Private

0

Credits

6

Grading Type:

Prerequisite Modules:

Rationale and Purpose of the Module:

To introduce the concept of security services such as authentication, integrity and confidentiality. To introduce the role of digital signatures and their implementation using cryptographic ciphers. To introduce basic security protocols that provide security services. Attacks against security services: Replay attack, man in the middle attack.

Syllabus:

[Introduction to Security Services:] Security attacks, OSI model, security services: concepts of confidentiality, data origin authentication, entity authentication, data-integrity, access control, availability. [Digital Signatures:] The role of signatures, MACs, Hash functions, digital signatures, public key certificates, X509 certification authorities, e-mail security: PGP. [Security Protocols:] Introduction to key management, peer-to-peer distribution protocols and identification protocols. Secure web (https/ssl), secure shell (ssh) etc. [Identification techniques:] Identification tokens and smart cards. Biometric identification: finger prints, retina scan, face recognition, voice recognition. [Attacks:] Definition of attacker and capabilities of attacker, introduction to attacks on protocols, such as replay attacks, man in the middle attack.

Learning Outcomes:

Cognitive (Knowledge, Understanding, Application, Analysis, Evaluation, Synthesis)

Explain the basic operation of security services such as authentication, integrity and confidentiality. Explain the differences between a MAC, a Hash function and a digital signature. Demonstrate the application of PGP. Explain the basic concept of a security protocol. Describe (qualitatively) the strengths and weaknesses of different identification techniques. Describe the fundamental operation of replay attacks and man in the middle attacks.

Affective (Attitudes and Values)

N/A

Psychomotor (Physical Skills)

N/A

How the Module will be Taught and what will be the Learning Experiences of the Students:

Research Findings Incorporated in to the Syllabus (If Relevant):

Prime Texts:

William Stallings and Lawrie Broen (2008) Computer Security: Principles and Practice , Prentice-Hall
Pfleeger C.P. and Pfleeger S.L. (2003) Security in Computing (3e) , Prentice-Hall
Boyd C and Mathuria A (2003) Protocols for Authentication and Key Establishment , Springer

Other Relevant Texts:

Reid, P. (2004) Biometrics and Network Security , Prentice Hall
Delfs H and Knebl H (2007) Introduction to Cryptography: Principles and Applications , Springer-Verlag
Viega J, Messier M and Chandra P (2002) Network Security with OpenSSL: Cryptography for Secure Communications , OReilly Media
Gourley D et al (2002) HTTP: The Definitive Guide , OReilly Media

Programme(s) in which this Module is Offered:

Semester - Year to be First Offered:

Module Leader:

muzaffar.rao@ul.ie