0315 - Networks and Network Security
Instructors: Dipl.-Inform. Anne Baumgraß
Type: PI
Weekly hours: 2
Members (max.): 25
Registration period: 08/16/10 to 10/11/10
Class objective(s) (learning outcomes)
After completing this course, students know basic software-engineering aspects of networks and network security. They will have basic knowledge of how security concepts relate to the applications of communications technology.

With this course students have the ability to:
- Design and classify computer networks
- Characterize methods for data transmission
- Differentiate between the different communication and Internet protocols
- Identify and evaluate potential threats for software systems
- Plan and evaluate countermeasures
- Comprehend safety correlations in general

Prerequisites according to degree program
For students of BW/HW (old curriculum): compulsory elective course (CP) in the SBWL Wirtschaftsinformatik
For students of BW/HW (new curriculum): specialization subject 1 of the SBWL Wirtschaftsinformatik
For students of the Wirtschaftsinformatik bachelor's program (Bakkalaureat): course of the CBK2

For Exchange Students:
Course in Information Systems, MIS or Computer Science

Teaching and learning method(s)
The course consists of lectures on the related subject areas of data communication, computer networks and security, as well as security management, with assigned textbook and paper readings.
Criteria for successful completion
The course demands mandatory attendance (prüfungsimmanent). The grade is composed of two midterms during the semester and a final exam at the end of the course:
- 20% of the grade from the first midterm
- 20% of the grade from the second midterm
- 60% of the grade from the final exam
The time and points for each exam equal its percentage of the grade. You therefore have 20 minutes for each of the first and second midterms, each worth 20 points. For the final exam you have 60 minutes to earn 60 points.

To pass the course you need 50%, regardless of which exam(s) you earned these 50 points in.

Availability of instructor(s) for contact by students
Office hours during the regular semester are Thursday 10:00 - 12:00, Department of Information Systems, UZA-II, 2H260, ground floor. Email: abaumgrass@wu.ac.at
Miscellaneous
Overview of computer networking and network security. Covers basic terminology, threats, countermeasures etc. Basic concepts of networks and network security, with an emphasis on how security concepts relate to the applications of communications technology.
Detailed schedule
Day Date Time Room
Tuesday 10/12/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 10/19/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 11/02/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 11/09/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 11/16/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 11/23/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 11/30/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 12/07/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 12/14/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 12/21/10 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 01/11/11 05:00 PM - 07:00 PM VR Bibl. I (A)
Tuesday 01/18/11 05:00 PM - 07:00 PM VR Bibl. I (A)
Contents

Computer communications, signal transmission, channel capacity and data rates, analog vs. digital transmission, signal modulations, physical and logical channels

Unit Contents
1 Introduction, organization, course units overview.

Fundamentals of data communications:
computer communication, signal transmission, transmission capacity, analog and digital transmission, signal modulation, physical and logical channels

2 Fundamentals of computer networks:
classification of networks, network topologies, network layer models – ISO/OSI model
3 Functions of the data link layer:
error correction methods, synchronization methods, flow control, addressing, access methods
4 Network layer and switching elements:
routing, route selection, quality of service, hubs, switches, bridges, routers, gateways
5 Internet Protocol Suite (TCP/IP):
history, layer model of TCP/IP, Internet addressing, address assignments, ARP, IP routers, IP packets, Transmission Control Protocol (TCP), User Datagram Protocol (UDP), sockets, network address port translation (NAPT), Hypertext Transfer Protocol (HTTP)
6 Network security basic principles and terminology:
threats, vulnerabilities, countermeasures, security goals
7 Cryptography: Terminology and Applications
terminology and basic cryptographic techniques/procedures, cryptographic protocols (SSL/TLS, SSH, IPSec)

Wireless LAN Security

8 Firewalls and Intrusion Detection Systems
9 Fundamentals of access control
10 Exercises
11 Final exam
Literature

Tanenbaum, Andrew S.: Computer Networks, Prentice Hall, 3rd Edition, 1996; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Essential reading for all students

Hansen/Neumann: Wirtschaftsinformatik 2, UTB Lucius & Lucius, 9th Edition, 2005; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Strongly recommended (but purchase not absolutely necessary)

L. Subramanian, V. Padmanabhan, and R. Katz: Geographic Properties of Internet Routing, Proceedings of the USENIX Annual Technical Conference, Monterey, CA, 2002; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

H. Zimmermann: OSI Reference Model - The ISO Model of Architecture for Open Systems Interconnection, IEEE Transactions on Communications 28(4), 1980; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Steven M. Bellovin: A Technique for Counting NATted Hosts, IMW’02, Marseille, France, 2002; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Fielding, R. et al.: Hypertext Transfer Protocol – HTTP/1.1, ftp://ftp.rfc-editor.org/in-notes/rfc2616.txt, Section 9 and 10, 1999; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

B. Krishnamurthy, J. C. Mogul, and D. M. Kristol: Key differences between HTTP/1.0 and HTTP/1.1, Computer Networks, vol. 31(11-16), 1999; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Neumann, P. G.: Risks of Insiders, Communications of the ACM, 42(12), 1999; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

S. Bellovin: Security Problems in the TCP/IP Protocol Suite, Computer Communications Review 2:19, 1989; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

B. Stone-Gross, M. Cova, L. Cavallaro, B. Gilbert, M. Szydlowski, R. Kemmerer, C. Kruegel, and G. Vigna: Your Botnet is My Botnet: Analysis of a Botnet Takeover, UCSB Technical Report, Santa Barbara, CA, USA, 2009; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Ross Anderson: Why Information Security is Hard - An Economic Perspective, Proceedings of the 17th Annual Computer Security Applications Conference, December 10-14, 2001, New Orleans, Louisiana, 2001; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Levi, A.; Koc, C. K.: Risks in Email Security, CACM, 44(8), 2001; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Schneier, B.: Risks of Relying on Cryptography, CACM, 42(10), 1999; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Abelson, H. et al.: The Risks of Key Recovery, Key Escrow, & Trusted Third Party Encryption, 1998; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Dawn X. Song and Adrian Perrig: Advanced and Authenticated Marking Schemes for IP Traceback, Computer Science Division (EECS), University of California, Berkeley, California 94720, Report No. UCB/CSD-00-1107, 2000; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Rolf Oppliger: Internet Security: Firewalls and Beyond, Communications of the ACM, Vol. 40, No. 5, 1997; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Know Your Enemy: Honeynets, http://www.honeynet.org, 2003; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Housley, R.; Arbaugh, W.: Security Problems in 802.11-Based Networks, Communications of the ACM, Vol. 46, No. 5, 2003; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Berghel, H.: The Code Red Worm. Malicious software knows no bounds, Communications of the ACM, Vol. 44, No. 12, 2001; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Sandhu, R. S. et al.: Role-Based Access Control Models, IEEE Computer, 29(2), 1996; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Strembeck, M.: Embedding Policy Rules for Software-Based Systems in a Requirements Context, Sixth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY’05), 2005; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

European Information Society Group: Policing the Internet - Democratically accountable partnerships or self-protection groups?, Somerset, England: EURIM, 2006; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Bellia, Patricia L.: Spyware and the Limits of Surveillance Law, Berkeley Technology Law Journal, Vol. 20, 2005; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified

Jim Harper: Understanding Privacy -- and the Real Threats to It, Cato Policy Analysis no. 520, 2004; Content relevant for class examination: Not specified; Content relevant for degree examination: Not specified; Recommendation: Not specified


