IT security
Objectives
Introduction to basic concepts of computer systems security, in particular symmetric and asymmetric ciphering techniques, and their application to the development of authentication protocols. Introduction and illustration of discretionary and mandatory security policies, but also to intrusion tolerance techniques.
Description
The lecture is composed of four main sections:
– Introduction to basic concepts of computer security (classification of attacks, cryptography, evaluation)
– Illustration using basic examples (DES, RSA, Diffie-Hellmann, electronic signatures)
– Authentication and zero-knowledge authentication protocols (Needham-Schroeder, Fiat-Shamir, smartcards)
– Protection in computing systems (discretionary and mandatory security policies) and examples
The lecture concludes with notions of intrusion tolerance (Shamir threshold schemes, fragmentation-scattering).
Targeted skills
Basic knowledge in cryptography
Zero-knowledge authetication protocols
Discretionary and mandatory security policies
Bibliography
ENSEEIHT lecture slides presented by M. Fabre;
« Applied Cryptography», Bruce Schneider, John Wiley Eds (1994) ;
« Practical Unix & Internet Security », Simson Garfinkel & Gene Spafford, O’reilly Associates, Inc. (1996).
Pre-requisites
Algorithmics, C / C++ programming
Places
- Toulouse