Internet Security and PrivacyStockholm, Sweden, 1 Dec 2003 The course intends to provide a deep understandning of the main concepts behind most of the Internet security protocols. The course gives practical and theoretical knowledge concerning the design decisions taken in some of the well known security standards as IPsec, Kerberos, Secure Socket Layer (SSL) or Public Key Infrastructure (PKI). The emphasis is on cryptography, authentication systems and security attacks so that someone designing a protocol can specifically check for security flaws.
For example, after talking the course you should be able to understand the security uses of secret and public key cryptography, how the advanced encryption standard (AES) works or the principles behind the design of Pretty Good Privacy (PGP) mail encryption.
The last part of the course will cover areas as viruses and computer trojans, intrusion detection systems or data protection policies and European Union regulations. Syllabus
The course is divided in five blocks
- Part1 - Cryptography: Public and Secret Key Cryptography, Hash and Message Digest, Modes of operation.
- Part2 - Authentication: On-line passwords, Authentication Tokens, Biometrics, Certification Authorities, Strong password protocols.
- Part3 - Security Standards: Kerberos V4 and V5, Public Key Infrastructure (PKI), Real Time Security, IPSec (AH, ESP and IKE), Secure Socket Layer (SSL/TLS).
- Part4 - Electronic Mail and Web Security: Pretty Good Privacy (PGP, GPG), Cookies and Platform for Privacy Preferences (P3P)
- Part5 - Leftovers: Firewalls, Intrusion Detection Systems (IDS), Viruses and worms, Data Protection Regulations including PUL and 2002/58/EC.