Security of Computer Systems and Networks (CMSE456)
Computer systems and network security requirements, security threats, and attacks. Confidentiality, integrity, availability, assurance, authenticity, anonymity, nonrepudiation. Access Control: Access control models, discretionary, mandatory, and role-based access models; Kerberos. Methods providing physical security, hardware, software, and information protection. Malicious software. Link, network and transport layers security. Browser security. Wireless network security. Symmetric and asymmetric cryptographic methods, DES, AES, RSA, ECC. Authentication, digital signature, certificates, one-time passwords, hash functions. Key management, Ethical and legal issues. Operating systems security: process security (optional).