CSC 474 Information Systems Security

Spring 2005

(This page will be changed frequently. Check before class.)

New! Guideline for preparing for the final exam.


Dr. Peng Ning


Office hours:

3:00pm -- 4:00pm on Mondays and Wednesdays

Office phone:

(919) 513-4457


(919) 513-7447

Email address:

pning (at) 


Teaching assistant:

Shu Huang


Office hours:

Tuesdays and Thursdays, 4pm - 5pm, EGRC 454L.

Email address:

shuang5 (at)

Class location:

Withers 210A

Day and time:

Mondays, Wednesdays, 4:45pm -6:00pm.

Course Syllabus


Mailing list:

Web page:

Message Board:

Lab Resources:

One of the homework assignment will include lab exercises, which will be done in the Networking Lab in Venture II. The following are instructions for those in Fall 2004.

Note on assignments:

You must use text editor (e.g. MS Word) to complete your homework. Handwritten submissions are not accepted. You should submit hard copies unless otherwise specified.

All work is to be performed individually unless otherwise specified. For the collaborative problems, you are encouraged to form teams of 1-3 members (of students in this class) to cooperate only on those problems. After discussing the problems, please write up your answers individually. Indicate the names of the other members in your team, if any.

You get no extra credit for working alone where collaboration is permitted.

Schedule of classes



Reading Assignment

(Complete before class. Reading assignments are given in the order of importance for each lecture.)

Homework Assignment


1/10/05 Introduction
    T1 pdf
T1 pps
1/12/05 Topic 1: Basic security concepts
Topic 2.1: Introduction to cryptography
Chapter 1   T2.1 pdf
T2.1 pps
1/17/05 No Class
(Martin Luther King, Jr.Day)



Class cancelled due to adverse weather





Topic 2.1 (Cont'd)
Topic 2.2: Secret key cryptography 

Chapter 2  

T2.2 pdf
T2.2 pps

1/26/05 Topic 2.2 (Cont'd) Chapter 3

(Due by 2/21/05)

TA's reference solution
(There is a typo; the correction is in a note besides the highlighted typo.)


Topic 2.2 (Cont'd)

Chapter 4    

Topic 2.2 (Cont'd)
Topic 2.3: Hash functions

Chapter 5   T2.3 pdf
T2.3 pps
2/07/05 Topic 2.3 (Cont'd)
 Topic 2.4: Basic number theory
Chapter 7  

T2.4 pdf
T2.4 pps


Topic 2.4 (Cont'd)

Topic 2.5 Public key cryptography

Chapter 6   T2.5 pdf
T2.5 pps
2/14/05 Topic 2.5 (Cont'd)      

Topic 3.1 Overview of Identification and authentication

Chapter 9   T3.1 pdf
T3.1 pps

Topic 3.2 User Authentication

Chapters 10 & 12

  T3.2 pdf
T3.2 pps

Topic 3.3 Security Handshake Pitfalls

Chapter 11   T3.3 pdf
T3.3 pps
2/28/05 Topic 3.3 (Cont'd)      
3/02/05 Mid-term Exam
(in class)

Scope: Topics 1 -- 3

Sample Mid-Term Exam


Spring Break


Spring Break

3/14/05 Review of mid-term exam
Topic 4.1 Firewalls


  T4.1 pdf
T4.1 pps
3/16/05 Topic 4.1 (Cont'd) Chapter 23

(Due by 3/30/05)

TA's reference solution

3/21/05 Topic 4.2 IPsec: AH and ESP Chapter 17   T4.2 pdf
T4.2 pps
3/23/05 Topic 4.2 (Cont'd)
Topic 4.3 Internet Key Management
Chapters 16 & 18   T4.3 pdf
T4.3 pps
3/28/05 Topic 4.3 (Cont'd)      
3/30/05 Topic 4.3 (Cont'd)
Topic 4.4 PKI

Topic 4.3 (Cont'd)


(Due by 4/18/05)

TA's reference solution

T4.4 pdf
T4.4 pps
4/06/05 Topic 4.4 PKI Chapter 15    
4/11/05 Topic 4.4 (Cont'd)
Topic 4.5 SSL
Chapter 19   T4.5 pdf
T4.5 pps

Topic 4.5 (Cont'd)
Topic 4.6 Kerberos

Chapter 13

(Due by 4/25/05)

TA's reference solution

T4.6 pdf
T4.6 pps

Topic 4.6 (Cont'd)
Topic 4.7 Email security (self-study)

Class Evaluation

Chapters 20 , 21, & 22


Topic 5.1 Malicious Software
Topic 5.2 Evaluation of Secure Information Systems (self-study)

Final Review


T5.1 pdf

T5.2 pdf
T5.2 pps

4/25/05 Class Cancelled      
4/27/05 TA's session
5/04/05 Final Exam