Network security

Quadrimestre 5 -

24 hours

Coordinator : PMA

Teacher : PMA

General course description

IT, as one of the first vectors in our consumption society, is being threatened. Entreprises' survival depends on their right assessment of potential risks as well as on their policies to counter these risks. How are IT security concepts and principles taken into account in IS? What are security architectures and models in existing networks or networks to be? Issues at stake in this matter: automated payments (e-commerce), information networks (medical or legal), mobile and wireless networks (m-commerce), etc.

Learning basic skills

First-year and second-year courses:

  • Introduction to Networks and Telecommunications
  • Signal and transmission
  • Networks protocols and models
  • Internet applications
  • Network management and administration
  • Wireless technologies

Course Aims

Gain an understanding of the needs in security in networks and the implemented solutions in the products being on the market. Be able to choose and to put forward security solutions in the enterprise and in the hardware and software.

Course Outline

1. Security concepts and principles

  • Risks: threat, disaster, direct and indirect losses
  • Risk and threat typology
  • Global approach on security: analysis of the risk and protection
  • Risk and security audit
  • Security: a transversed field (IS, systems and networks management, physical security, personnel, technologies,...)

2. Network-related risks

  • Network typology and software architectures (OSI, Internet, ATM, Mobiles)
  • Application technology (centralised, client-server, distributed)
  • Security services: authentication, access control, confidentiality, integrity, non-repudiation

3. National and international regulations

  • Laws: information, copyright, cryptography, legal stakes

4. Computer system intrusion methods and scripts

5. Cryptography

  • Introduction to cryptography
  • Standard cryptography
  • Asymmetric cryptography
  • Integrity and digital signature
  • Key management - PKI Infrastructure - X.509 certification
  • Authentication

6. Schema and cryptographic protocols

  • OSI, TCP/IP, IPv6 (IPSec)

7. Internet/Intranet safety

  • Electronic payment and e_commerce
  • Internet access security: access needs to Internet
  • Vulnerability Internet/Intranet: surfers safety on Internet/Intranet, well-known protocols,...
  • Different solutions: filtering IP; router/firewall, NAT, DMZ, VPN,...
  • Firewalls: intake, functionalities
  • VPN
  • Anti-virus control
  • Users management
  • Safety architecture examples

8. Physical security

9. Safety architectures

  • Issue on the system safety: single logon, access rights management, audit, seamless and efficient safety
  • 3A architectures: authentication, authorisation, audit
  • Standards, projects, products: Kerberos, X509, Radius, Tacacs,...

10. Safety models

  • UNIX, Windows NT/2000

11. Safety audits

  • Safety cycle
  • Safety policy
  • Safety audit

Bibliography

  • Course book
  • Eric Maiwald, L'intro. Sécurité des réseaux CampusPress 2001
  • Travaux d'étudiants années antérieures : Cfr. eDistri PMA et Synthèse de B. Pistone (ESI 2005)
  • Alexandre Fernandez-Toro, Management de la sécurité de l'information - Implémentation ISO 27001, 2ème édition, Eyrolles 2003, 2006
  • Didier Godart, Sécurité Informatique - Risques, stratégies et solutions, 2ème édition, EdiPro 2005
  • Cédric Llorens, Laurent Levier, Denis Valois, Tableaux de bord de la sécurité réseau, 2ème édition, Eyrolles 2003, 2006
  • Vincent Remazeilles, La sécurité des réseaux avec CISCO, ENI 2009