Computer Security - Datas�kerhet, dasak10
NEWS: June exam results in RAPP.News from March: The exams are available at expeditionen, the results are in RAPP. Note that question 2 (MAC/DS) was moved to the second part of the exam. Preliminary date/time for the re-exam: June 3, 14-19h. Please fill out the course evaluation form here:News from March 16: There was an incomplete solution to the previous exam on the web, it's now complete. The EXAM IS POSTPONED, to Thursday, 9 am, D1. Read your e-mail for more information. News from March 15: do not come to KTH for the exam only (due to threat against KTH, apparently averted in the meantime), the new date will be posted here. Check your e-mail and respond to the poll to agree on the new exam date. E1, E2 grades and bonus points in RAPP. Final presentation schedule for March here, do take advantage of learning about many topics with extremely little effort by attending the presentations. Presenters attend the full 2-hour slot. Abstract hand-in before final presentation. Find old exams on the DD2395 page (in Swedish, scroll down) News from Feb. 24: Check out the rules for E3 below! Topics and the schedule for Thursday, Feb. 25 and the first week of March are posted here, so you can also listen to other presentations than the ones in your session. For all dry runs: although you were allocated a particular slot within the dry-run hour, do show up at the start of the session you are in. A projector will be provided. Remember the 10 min presentation length - even if you have a demo! E2 catch-up on March 2, 13-17h, Spelhallen. News from Feb. 22: More presentation slots available, both before and after the exam. Note that there was a typo on the dry run reservation site for this week, the slots are on Thursday, Feb. 25, not on Tuesday. You can still sign up for these. News from Feb. 19: More dry-run slots available now. News from Feb. 18: online presentation topic reservation system closed, last chance to join: mailto buc. Final presentation time slots can now be booked. News from Feb. 17: No more regular lab sessions on Thursdays for this term, they are replaced by the dry-run and presentation slots of E3, slot reservation for final presentation up on Thursday, Feb 18. Dry run time slots available now! Sign up for presentation topics by Feb. 17 midnight. News from Feb 13: Guest Lecture on Security Audis by M�rten Trolin (Ernest /& Young) on Wednesday, February 17! News from Feb. 11: Lab2 instructions file updated below. Presentation topic reservation open until Feb. 17. News from Feb. 9: Presentation topics available, see Lab section. GPG Lab: hand in encrypted and signed report in txt, pdf, html or doc format; filename should include both file extension and your name. Please register at RAPPIf the system doesn't recognize you, send an e-mail to buc@kth.se to be added. If you are in the system, but haven't confirmed yet that you take the course, please do so.Extra lecturesComputer Architecture, by Stefan Nilsson, Wed. Jan. 20, 13-15h, D31, core, machine. Operating Systems, by Inge Frick, Thu. Jan. 21, 10-12h, D41, pdf. Computer Networks, by Olof Hagsand, Wed. Jan. 27, 13-15h, D41, pdf.
Course book - Kursbok
William Stallings och Lawrie Brown,
Computer Security: Principles and Practice,
ISBN-10: 0136004245,
ISBN-13: 9780136004240,
Prentice Hall. Lab exercisesE1: GnuPG, instructions here. The lab exercise can be done remotely or at the lab sessions on Thursdays. Needed public keys: course and buc. Course fingerprint: 337E 0D6D 7DC1 3774 A59B 1A0D E98E E8DA B1B9 9EAE, buc fingerprint: F4D9 D466 BE8A 72BE A273 DD64 ABDE 0A90 35AB F4AA. These can also be found on a different website. To get a bonus point for the exam, the lab report has to be handed in by Feb. 11, 2010, 23.59h CET. E2: Packet filtering with iptables. This lab exercise will be done (and finished) in one session on February 12, first group in the morning slot (last names A-L), second group in the afternoon (last names from M onwards). The description is here. E3: Oral presentation on a security topic, in pairs, topics to choose from are listed here. Reserve your chosen topic here. If you want to use another topic not from the list, mail it to buc. 10 min presentation per pair, one dry-run before, detailed rules and tasks here. Dry-run presentation time slots are available here. Presentation schedule slots are listed here. You get a bonus point if you give your final presentation before the exam, i.e., choose a slot from the list given in the previous sentence. Check out the lecture on presentation techniques by Henrik Eriksson on Monday, Feb. 8.
Lecture contents, slidesL1: Course administration, intro to security, book chapter 1, pdf. L2: Cryptography, book chapters 2,20, pdf. L3: Authentication, book chapter 3, pdf. L4: Access control, book chapter 4, pdf. L5: Intrusion detection, book chapter 6, pdf. L6: Intrusion detection, prevention, firewalls, book chapters 6,9, pdf. L7: Malicious Software, book chapter 7, pdf; part of the second hour: lecture on presentation techniques given by Henrik Eriksson. L8: Malicious software, denial of service, book chapters 7,8, pdf. L9: OWASP Top Ten Application Risks, pdf. Illustrative SQL injection example. L10: guest lecture on security audits by M�rten Trolin, see also book chapter 15 on the same topic, pdf. L11: Multi-level security, trusted computing, book chapter 10, pdf. L12: Human factors, secure software engineering, book chapters 14,12, pdf. L13: Social engineering, examples from Mitnick's "The Art of Deception", see also the reference guide L14: Course recap, exam info, buffer overflows, book chapters 11, 12, pdf. Schedule - Schema
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
DD2395