Module 6 - Communications Security

OBJECTIVES:

The objective of this module is to present the advanced concepts of information protection in data communication sys¬tems and networks. LEARNING OBJECTIVES

Upon completion of this module, the student should be able to:

  • Explain protection concepts for data communications systems and networks;
  • Identify threats to data communications systems and networks and appropriate countermeasures;
  • Recognize the need for tradeoff studies of the costs and benefits involved in achieving communications security.
PREREQUISITE:

The student should be a senior and should have completed courses in both computer systems hardware and software. The student should also have taken courses that included the modules Introduction to Information Protection, PC/Workstation Security, Security Fundamentals, Systems Security or similar classes.

Topic Outline:
Communications Security

  1. Overview 1 Hours
    1. Brief Review Of The Concepts Of Protection In Data Communication Systems And Networks From A Management Perspective
      1. Systems Objectives: Controlled Sharing Of Information And Resources.
      2. Specific Needs: Privacy, Integrity And Availability.
      3. Policies And Mechanisms.
      4. Assets: Identification Of Valuable/ Sensitive Data And Information.
      5. Threats And Vulnerability.
    2. The Interrelationship Of Communications Security Network Security For Interconnected Elements:
      1. Systems Connectivity
      2. Public/Private Carriers
      3. Relationship To Reliability And Dependability
  2. Threats 2 Hours
    1. Types Of Attacks/Failures
      1. Passive Intrusion
        1. Disclosure Of Message Contents
        2. Traffic Analysis
        3. Disclosure Of Data On Network Users
      2. Active Intrusion
        1. Modification Or Deletion Of Message Contents
        2. Insertion Of Bogus Messages
        3. Replay Or Reordering Of Messages
        4. Viruses
      3. Natural Disasters/Catastrophes/Sabotage
        1. Human Errors
        2. Fires, Floods, Brown-Outs.
    2. Locus Of Attack/Failure
      1. Terminals
      2. Hosts
      3. Front-Ends
      4. Gateways
      5. Links
      6. Switches (Includes Multiplexer, Intermediate Nodes)
      7. Interconnected PC/Workstations (Includes LAN, Host-PC Etc.)
  3. Countermeasures 2 Hours
    1. Encryption
      1. Private-Key And Public-Key Systems - Des And RSA As Examples
      2. Key Distribution
      3. Link Level And End-To-End
    2. Authentication
      1. Node And User Authentication
      2. Passwords
      3. Message Authentication
      4. Encryption-Based
      5. Added Protection For PC Authentication Date
    3. Access Control
      1. Access Control Mechanisms-Control Lists And Passwords
      2. Administration
    4. Contingency Planning
  4. Tradeoffs - Costs And Benefits 2 Hour
  5. Network Design 2 Hour