The use of computers and computer networks, in particular the Internet,
is becoming an integral part of our lives in different application areas,
such as e-banking and e-commerce.
This has given us numerous advantages and convenience.
However, at the same time, the security of computer systems becomes
a critical issue.
How can computer systems defend themselves against network attacks?
How can we ensure that our data have not been tampered with, or disclosed
without our consent?
How can we be sure of the identity of the party whom we are communicating
with?
These are some of the security issues that must be addressed properly.
This module will provide students with knowledge of the security issues in
computer systems.
A fundamental part of security systems is cryptography, the science of
secret writing.
There have been rapid advances in cryptography in the past few decades, and
cryptography has become an integral part of many commercial computer
applications.
The module will explain the principles of modern public key cryptography,
a cornerstone of many security-enabled network applications in current use.
A number of cryptographic primitives, including message digests,
digital signatures and certificates, will be discussed.
The module will go through all details of how to
write secure network applications using these cryptographic primitives.
The course presents the security model of Java introducing elements of its
access control model (e.g., Security manager and policies). Also, a few
notation and techniques for the analysis of cryptographic protocols commonly
adopted in distributed applications are introduced. Such techniques are used
to argue about security aspects of some amongst the most popular applications
of cryptographic protocols (e.g., Pretty Good Privacy and digital
signatures).