TDDD17 Information Security, Second Course
The course literature consists of the lectures handouts and the reading material prepared by the lecturers on this page. The literature marked with read for exam is mandatory for the exam, i.e. exam questions could cover any of the marked references. The un-marked literature is useful extra reading material.
The amount of mandatory reading material (number of pages) for each topic is approximately the same.
* Note that the lecture handouts are among the read for exam material.
1) System security
- M. Bishop, "Computer Security: Art and science", Addison-Wesley, ISBN 0-201-44099-7. read for exam
- Sections 2.1-2.3
- Sections 5.1-5.2
- Sections 6.1-6.3
- Section 7.4
- Sections 13.1-13.3
- Sections 15.1-15.4
Reading guidelines for system scrurity
Protection state, access control matrix, protection state transitions (i.e. a formal model for changing the access control matrix). Similar material should be found in most fundamental computer security textbooks.
Confidentiality policies and the Bell-LaPadula model. The Bell-LaPadula model is discussed in most fundamental computer security textbooks, but Bishop goes in to a great deal of detail. In particular, he covers the formalization of the model as well as instantiation of the model in a real operating system. The basics of Bell LaPadula are the most important, but some familiarity with the formalization is also expected.
Integrity policies, the Biba integrity model and Lipner's integrity matrix model. The Biba model should be covered in any fundamental computer security textbook. Bishop covers a formalization of the model as well as its combination with Bell LaPadula.
Role-based access control. Bishop covers the formal RBAC model, which differs from trivial implementations called RBAC in some operating systems. An alternative source is found here.
Design principles. Bishop covers the following design principles, all of which can be found through a web search: principle of least privilege, principle of fail-safe defaults, principle of economy of mechanism, principle of complete mediation, principle of open design, principle of separation of privilege, principle of least common mechanism, principle of psychological acceptability. Note that knowing the definitions is not enough; students must also be able to recognize when a design principle is applied (or not) apply the principles in practice. One place that has many of the principles (some under other names) is found here.
Access control mechanisms. Bishop covers access control lists, including practical concerns (abbreviations, creation, maintenance, modification, privileged users, role of the owner, groups, wildcards, conflicts, revocation and default permissions); capabilities, including implementation, copying, amplification, revocation, limits. Bishop also covers "locks and keys", which combine the features of capabilities and access-control lists, type checking and secret sharing.
Access controls and capabilities should be covered by most fundamental textbooks, but perhaps not to the same level of detail as Bishop does. Secret sharing is reasonably well covered by Wikipedia (particularly the references). Locks and keys and type checking are, unfortunately, difficult to find covered in a similar manner elsewhere.
2) Identification and authentication, Biometric user authentication
Note: The material for this section has been updated at February 4, 2013. "Security Engineering" by R. Andersson is no longer required reading for the exam. Instead we have added chapter 7 in "Introduction to Biometrics" by A. Jain et.al. to the list of mandatory reading.
- A. Jain, A. Ross and K. Nandakumar, Chapters 1 and 7 in "Introduction to Biometrics". Springer, 2011. Available online via the LiU library. In Chapter 7, the sub-section 7.1 is especially important. read for exam
- International Biometric Group
- Ross Anderson, Security Engineering, Wiley, ISBN 0-471-38922-6 .
3) Practical network security
Comment added 4/3-13: Some of the Wikipedia articles may include sections that have been broken out into other articles (currently, for example, "Firewall" links to "Stateful firewall"). You can recognize these from the link labeled "main article" at the beginning of each such section. These main articles are also included in read-for-exam.
- D. Smith, "Improving Computer Security through Network Design". read for exam
Mapping, attacks and vulnerabilities
- Matta Security Limited. "An Introduction to Internet Attack and Penetration". Read pages 5-8. read for exam
- Fyodor, "Remote OS detection via TCP/IP stack fingerprinting". The section on nmap is beyond the scope of this topic; you don't have to read it at all.
- Joe Stuart. "DNS Cache Poisoning -- The Next Generation". Read pages 1-10. read for exam
- Ptacek and Newsham. "Insertion
Evasion and Denial of Service: Eluding Network Intrusion Detection". read for exam
Sections 1-2 are required reading. Include section 3-6 for in-depth reading.
- N. Cam-Winget, R. Housley, D. Wagner, and J. Walker, "Security Flaws in 802.11 Data Link Protocols". read for exam
IPSec and SSL/TLS
- Kent, BBN Corp, Atkinson and @Home Network. "RFC
2401: Security Architecture for the Internet Protocol". read for exam
The overall concepts and architecture are important, as are the capabilities of the architecture, but the technical details are beyond the scope of this topic. In particular, section 1-3 and the main concepts of section 4 (particularly 4.1-4.3 and 4.6) are important. Sections 5-12 and the appendices are beyond the scope of this topic. read for exam
- M. Bishop, "Computer Security: Art and science", Addison-Wesley,
ISBN 0-201-44099-7. read for exam
- Section 11.4.2 (just the overall concepts), section 11.4.3 and section 11.4.4. Everything relevant in section 11.4.3 of Bishop is also in RFC2401, so you only need to read the latter; Bishop may be helpful in understanding the RFC.
4) Business continuity planning and Physical security
Business continuity planning
- Chapters 15-16 from Stewart, J. M.; Tittel, E. & Chapple,
M. (2008), CISSP. Certified Information Systems Security Professional
study guide. Sybex. Electronically available
(search for CISSP in the library catalogue)
read for exam
- Chapter 19 from Stewart, J. M.; Tittel, E. & Chapple, M. (2008), CISSP. Certified Information Systems Security Professional study guide. Sybex. Electronically available from http://www.bibl.liu.se/ (search for CISSP) read for exam
5) Risk analysis
- F. den Braber, I. Hogganvik, M. S. Lund, K. Stølen, F. Vraasen, "Model-based security analysis in seven steps - a guided tour to the CORAS method", available here, Springer. BT Technology Journal, pp 101-117, 2007. read for exam
- H. Dahl, I. Hogganvik, K. Stølen, "Structured semantics for the CORAS security risk modelling language", available here, SINTEF ICT. SINTEF Technical Report A970, 2007.
- NIST SP 800-30: Risk management guide for information technology systems, available here
- Risk Topics: Which Hazard Analysis read for exam
- Gary McGraw, "Risk Management Framework", available here (link updated 2013-08-16). read for exam
- B. Blakley, E. McDermott, D. Geer, Information security is information risk management, available here.
- NIST SP 800-37: "Guide for Applying the Risk Management Framework to Federal Information Systems". Available here.
- J. Steven, "Threat Modeling - Perhaps it's time" available here.
- P. Brooke, R. Paige, "Fault trees for security system design and analysis" available here.
Page responsible: Nahid Shahmehri
Last updated: 2013-08-16