ELE386: Cyber Security

Readings  v0.1, 10/21/2002

                Prof. Ruby Lee
Princeton University, Spring 2003
Week 1: Basic Internet and Computer Architecture
 We discuss the past, current and future computing and communications landscape.  We give an introduction to the architecture of the Internet, a personal computer and an operating system.
 
Week 2: Confidentiality and Integrity
Secret-key cryptography algorithms, such as DES and AES.
Message and data integrity, one-way hash functions: MD5 and SHA-1, and Message Authentication Codes.

"Commerce Announces Streamlined Encryption Export Regulations", Wednesday, January 12, 2000 Web press release.

Handbook of Applied Cryptography web-page
 

Week 3: User Authentication, Key Exchange, Digital Signatures
Public-key cryptography.  User authentication, set up shared secret keys, achieve digital signatures.  RSA, Diffie-Hellman and El-Gamal algorithms and the Digital Signature Standard.
 
Week 4: Internet Security
 The many facets of Internet Security. Virtual Private Networks, Intranets, Extranets, Firewalls and Proxies.  Security algorithms, protocols and architectures implemented at different levels for e-commerce, e-mail, on-line services and other applications.
 
Week 5: Trust, Public-key Infrastructure, Non-Repudiation, Accountability
Trust model implemented with certificates and the public-key infrastructure (PKI).  Non-repudiation of requests.  Accountability in e-commerce and other secure transactions.
 
Weeks 6-7: Threats and Defenses
 Different threats, the mentality of hackers and hacking techniques.  Denial of Service attacks and countermeasures.  Defenses that a user of a personal computer may take, including a discussion of firewalls (and their limitations).
 
Week 8: Viruses and Worms
Viruses and worms, and how they propagate.  Trojan horse code and other types of malicious code.  Anti-virus techniques.
 
Weeks 9-10: Privacy, Anonymity and Surveillance
Individual privacy and anonymity.  Threat of stolen identity and its implications.  Surveillance technologies.  Policy and social issues are discussed.

Independent Technical Review of the Carnivore System, Final Report, IIT Research Institute, December 8, 2000.

Answers to Frequently Asked Questions (FAQ) about Echelon, updated February 7, 2002.
 
 

Week 11-12: Digital Rights Management and Piracy
Intellectual property and copyright of digital multimedia products.  Watermarking techniques and digital rights management (DRM) techniques. Digital Millenium Copyright Act (DCMA).  Case studies involving MP3, Napster, SDMI, and Disney with regard to piracy concerns and the free flow of information in the Internet.

Marc Davis, "From Pirates to Patriots: Fair use for digital media", IEEE Multimedia, Vol. 9 No. 4, pp. 4-7, Oct-Dec 2002.

Kenji Taima, "Can we ever charge Napster users?", IEEE Multimedia, Vol. 9 No. 4, pp. 76-81, Oct-Dec 2002.

Pamela Samuelson, "Toward a New Politics of Intellectual Property" World Wide Web 2002 conference, derivative of CACM 44:98, March 2001.

"RIAA Sues MP3.com",  by Christopher Jones, Wired News, Jan. 22, 2000

Yochai Benkler, "Coase's Penguin, or, Linux and the Nature of the Firm", NYU School of Law, October 2001.

Pamela Samuelson, "Encoding the law into digital libraries", Communications of the ACM, Volume 41 Issue 4, April 1998.

Hal Berghel, "Digital village: Responsible web caching", Communications of the ACM Volume 45 Issue 9, September 2002

Calvin K. M. Lam , Bernard C. Y. Tan, "The Internet is changing the music industry", Communications of the ACM Volume 44 Issue 8, August 2001.

Glenn Durfee , Matt Franklin, "Distribution chain security", Proceedings of the 7th ACM conference on Computer and communications security, November 2000

James M. Burger , Christopher J. Cookson , Darko Kirovski , David P. Maher , Miodrag Potkonjak , Jeremy Welt, "Multimedia copyright enforcement on the Internet" (panel session), Proceedings of the eighth ACM international conference on Multimedia October 2000

Barbara Simons, "Viewpoint: the ACM declaration in Felten v. RIAA", Communications of the ACM Volume 44 Issue 10, October 2001.

Jean-Henry Morin , Dimitri Konstantas, "HyperNews: a MEDIA application for the commercialization of an electronic newspaper", Proceedings of the 1998 ACM symposium on Applied Computing, February 1998.

Lance J. Hoffman, "The DMCA and you: Motivations behind a role play at CFP: repeated assaults on the constitution by extremist property rights advocates", Proceedings of the 12th annual conference on Computers, freedom and privacy, April 2002.

Joseph Williams, "IT Architecture meets the Real (Legal) World", IT Pro, September 2001.