TCOM 548 & 556

TCOM 548 & TCOM 556

Security and Privacy Issues in Telecommunications

And

Cryptography and Network Security

Course Summary

Professor Roy D. Follendore III

Students should frequently read and understand the information on this webpage as some of the information may change.

This pair of courses is intended to provide a broad-ranging introduction to the complexity of security and privacy issues with in telecommunications and to the broad field of cryptography. The intent of these courses is for students to understand and digest the complex and often subtle telecommunications security, privacy and cryptographic issues and philosophy before engineering design mistakes are made. This means that if you are looking for "hands on" or "how to" then this is probably the wrong class to attend. In general mathematics will not be required for these courses, though students may be expected to apply design approaches and understand tools that involve numerical manipulation. The emphasis for these courses will be placed on practical tools and examples using rational rather than on mathematical rigor.

These courses may be a challenge for some, easy for others. These courses are being taught with premise that the academia setting is correct and appropriate place to explore and contribute to the philosophy of security. Therefore, if you are unwilling to question the fundamental nature of security and cryptography then you will not do as well as you might think. On the other hand, if you are unable to work with and contribute in a positive manner to the class then you may also not do so well. Keep these things in mind, take notes and keep up with the discussions and you should do well.

At the conclusion of this course, students should have a basic ability to:

Understand, discuss and appreciate the fundamental concepts of computer security and the principle trade-offs involved in system and network security.
Discriminate between conditional approaches to information security concepts.
Be able to evaluate complex technical proposals concerning security auditing, intrusion detection, etc., and lead oral and written efforts for the evaluation of damage assessment and security control arrangement teams
Communicate effectively in leading computer scientists, engineers and decision experts responsible for the technical elements involved in designing, developing, and operating advanced information security systems in a rational way.

Within this course, students are permitted and encouraged to collaborate on homework and papers/projects. All graded work, however, must be the original effort of the student submitting the material. This means that, while two or more students will be allowed to develop a solution approach for a homework problems together, each student must independently execute their part of the solution in order to be submitted for grading.

Collaboration within tests or exams is not permitted unless specified by the Professor. Students should come to class on time, prepared to take their scheduled tests and exams.

Once a test or exam is in progress, leaving the testing room without permission and/or turning in your paper is unacceptable and will be given a zero for the test.

Students are encouraged to use all available sources to answer questions for group and individually assignment papers and projects. However when doing so, all sources must be properly attributed, and material reproduced directly will be enclosed in quotation marks.

Remember that what you do say as well as what you do not say in your papers and oral presentations may be counted against you. This means that the minimum length paper represents the average number of pages that this Professor believes can be turned in to make a B. If you individually find that you need to write more then do so. If you think that you can get away with writing a paragraph then you may also do so at your peril.

Students who are caught plagiarizing will receive a zero for the paper and may be given a grade of F for the course. Assignments will be assigned, and may be graded and will be checked for plagiarism.

Students are expected to have a personal computer and Internet access and able to communicate.

Although structured as two half-semester classes, there is much to discuss. The material presented in TCOM-548 and TCOM-556 is intended to form a concentrated and continuous progression through the semester. There is some overlap. The nature of these subjects requires leadership and because of this, students are expected to actively prepare and participate in discussions as part of their assignment grade. Students may be asked to deliver a briefing on a particular topic.

Written assignments will be submitted in both hard copy and soft copy email, unless there is a specific requirement to provide soft or hard copy only. The time stamp on the message email transmission will be used as the date/time of the assignment submittal.

Once turned in, assignments may not be modified without special permission from the Professor.

Students may be required to submit a research paper or project, on a specified or approved topic.

(For Example)

Potential topics may be discussed in the first lecture. This paper should be submitted at the Week 6 session, and should be a minimum of 10 pages, excluding technical figures, graphs, tables etc., and bibliography. Students who are taking both TCOM 548 and 556 will be expected to submit an additional paper at the Week 13 session.

Once again: Softcopy delivery should be sent as Microsoft Word (.doc) message attachments using either a 12 pt Arial or Times New Roman font. Softcopy assignments should be sent to the Professor at the email address listed below.

Professor: Roy D. Follendore III

rfollend@gmu.edu

Class hours: Thursday 4:30 – 7:10 p.m. Room 319 Innovation Hall

Additional information can of course be found at: http://telecom.gmu.edu/index.html

Texts: Please listen to the Professor, not bookstore clerks, about purchasing books. (see below)

Mandatory:

Secrets and Lies : Digital Security in a Networked World by Bruce Schneier, 1st edition (August 14, 2000), Published by John Wiley & Sons: ISBN: 0471253111 If you can't purchase this book then check it out from the GMU or a public library. (Begins the process of exploring why security engineering often fails.) This is the kind of book you can sit down and read it over a weekend.

Supplementary Textbook... (These are useful but are not required...)

B. Schneier, "Applied Cryptography? Protocols, Algorithms, and Source Code in C." 2nd ed., John Wiley & Sons, Inc., New York, 1995: ISBN: 0471117099 (Great reference but may be out of print... try Amazon for a used copy. This book was written before Bruce decided that engineering was more than algorithms and codes.)

W. Stallings, "Cryptography and Network Security: Principles and Practice," Prentice Hall, ISBN: 0-13-869017-0 (This book is expensive and is a great security reference for functional system details and complexity but little explanation in the way of understanding why all of these details often don't work well.)

.