­Cleveland State University

Department of Electrical and Computer Engineering

EEC 688/788 Secure and Dependable Computing

Fall 2009

 

Course Objectives:          This course provides an extensive overview of secure and dependable distributed computing systems. Topics include computer and network security, faults models, process and data replication, reliable group communication, message logging, checkpointing and restoration, Byzantine fault tolerance and intrusion tolerance.

 

Prerequisite:                    EEC484/584 Computer Networks. Furthermore, this course is designed for students who have sufficient computer engineering background. That means you are expected to have taken undergraduate-level operating systems, data structure and algorithms, and programming language courses. In particular, most of the labs and the course project involve with the Java programming.

 

Textbook:                         Lecture notes and handouts

 

Instructor:                        Dr. Wenbing Zhao     

Office:                SH434

Phone:                (216) 523-7480

Fax:                    (216) 687-5405

E-mail:                wenbing@ieee.org

Lecture time:      M W 2:00-3:50pm at SH306

Office hours:      M W 1:00-2:00pm & 6:00-7:00pm and by appointment

 

Tentative Schedule

 

Week

Topics

Reading

1

(Aug 24 - 28)

Aug 24:

·         Lecture 1: Syllabus discussion; Overview of the course (notes)

Aug 26:

·         Lecture 2: Introduction to computer & network security (part I) (notes)

 

handout

 

Security in Computing: chapter 1

 

2

(Aug 31 – Sept 4)

Aug 31:

·         Lecture 3: Introduction to computer & network security (part II) (notes)

Sept 2:

·         Lecture 4: Elementary cryptography (part 1) (notes)

 

Security in Computing: chapter 1

 

Security in Computing: chapter 2

3

(Sept 7 – 11)

Sept 7:

·         Labor Day (No Class)

Sept 9:

  • Lecture 5: Elementary cryptography (part 2) (notes)

 

 

 

Computer Networks (4th Ed., Tanenbaum): chapter 8

4

(Sept 14 – 18)

Sept 14:

  • Lab 0 – Getting familiar with Linux (including Linux account creation)

Sept 16:

  • Lecture 6: Elementary cryptography (part 3), Public key management (notes)
  • Lab 0 report due

 

 

 

 

Computer Networks (4th Ed., Tanenbaum): chapter 8

5

(Sept 21 – 25)

Sept 21:

  • Midterm Test #1 (lecture 1-6)

Sept 23:

  • Lecture 7: Authentication protocols (notes)

 

 

 

Computer Networks (4th Ed., Tanenbaum): chapter 8

6

(Sept 28 – Oct 2)

Sept 28:

  • Lecture 8: Secure communication 1 - secure shell (notes)

Sept 30:

  • Lab 1 - Secure shell

 

SSH, the Secure Shell (2nd Edition)

7

(Oct 5 – 9)

Oct 5:

  • Lecture 9: Secure communication 2 (PGP & SSL) (notes)
  • Lab 1 report due

Oct 7:

  • Lab 2 – Secure computing in Java

 

8

(Oct 12 – 16)

Oct 12:

·         Columbus Day (No Class)

Oct 14:

  • Lecture 10: Intrusion detection and prevention (notes)
  • Lab 2 report due

 

 

 

Network intrusion detection book

9

(Oct 19 – 23)

Oct 19:

·         Lab 3 – Intrusion detection with Snort

Oct 25:

  • Lecture 11: Failures and their manifestation; Consensus (notes)
  • Lab 3 report due

 

 

 

 

Handout

10

(Oct 26 – 30)

Oct 26:

·         Lecture 12: Replication techniques; replica consistency (notes)

Oct 28

  • Midterm Test #2 (lecture 7-12, lab 1-3)

 

Handout

 

11

(Nov 2 – 6)

Nov 2:

  • Project Consultation (no lecture)

Nov 4:

  • Lecture 13: Group communication systems (I) (notes)
  • Project outline due

 

 

 

Reliable Distributed Systems: chapter 14-16

 

12

(Nov 9 - 13)

Nov 9:

·         Lecture 14: Group communication systems (II); Logging, checkpointing and recovery (notes)

Nov 11:

  • Veterans Day (No Class)

 

Reliable Distributed Systems: chapter 14-16

 

13

(Nov 16 – 20)

Nov 16:

  • Lab 4 – Spread toolkit

Nov 18:

  • Lecture 15: Byzantine fault tolerance (part I) (notes)
  • Project progress report due
  • Lab 4 report due

 

 

 

Handout

 

14

(Nov 23 – 27)

Nov 23:

·         Lecture 16: Byzantine fault tolerance (part II) (notes)

Nov 25: (Thanksgiving Eve)

  • Makeup Lab Session (attendance optional)

 

Handout

 

 

 

 

15

(Nov 30 – Dec 4)

Nov 30:

  • Midterm #3 (lecture 13-16, lab 4)

Dec 2:

  • Project presentation (attendance mandatory)

 

 

 

 

16

(Dec 7 – 11)

Dec 9:

  • Final project submission due (by midnight)

 

 

Course Project

You are expected to build a secure and/or dependable software application/system based on the tools and systems you have learned during the labs. 30% of the course credit is allowed for the project. The project can be completed individually or by a team of two. Deliverables:

-          A project proposal

-          A project progress report

-          A public project presentation, including a demo and a code walkthrough.

-          The source code for the project

-          A typed comprehensive report of your project is required

 

Labs

There are 5 labs on a various topics related to security and dependability of distributed computing systems. There will be no makeup lab, and no extension will be granted for lab reports. Exception may be granted to those who have strong background to complete the labs without my supervision. If you are granted an exception, the related requirement on the lab session attendance for class participation credit is automatically removed.

 

Class Participation

10% of the course credit is allocated to encourage student class participation. I may perform a roll call in the beginning of each class to determine the attendance. To obtain the full credit for class participation, you must satisfy the following conditions:

  • You do not miss more than 2 lectures
  • You do not miss any exam and lab sessions (if you choose to the labs option)
  • You have asked at least 10 questions during the semester. You are also encouraged to give me advice on how you would like me to improve my teaching to make it more conducive. For each piece of advice, it will be counted as 2 questions.

To help me keep track who asked me questions, please send me an email with the following information for each question you have asked within 24 hours after the lecture:

  • The question you asked
  • My response
  • Your comment on my response and suggestion for improvement, if any

 

Grading

Class participation 10%

Exams 60%

Labs 20%

Projects 10%

 

The final grading is based on your accumulated effort in this course. Your final grade is determined approximately based on the following schedule:

A: 90-100%

A-: 85-89%

B+: 75-84%

B: 65-74%

B-: 55-64%

C: 50-54%

F: <50%

 

Reference Books   

Security in Computing (4th Edition), by Charles P. Pfleeger, Shari Lawrence Pfleeger, Prentice Hall, 2006

Computer Networks (4th Edition), by Andrew S. Tanenbaum, Prentice Hall, 2003

Cryptography and Network Security: Principles and Practices (3rd Edition), by William Stallings, Prentice Hall, 2003

SSH, the Secure Shell (2nd Edition), by Daniel J. Barrett, Robert G. Byrnes, Richard E. Silverman, O'Reilly, 2005

Reliable Computer Systems: Design and Evaluation (3rd Edition), by Daniel P. Siewiorek and Robert S. Swarz, A K Peters, 1998

Distributed Systems: Principles and Paradigms, by Andrew S. Tanenbaum, and Maarten van Steen, Prentice Hall, 2002

Reliable Distributed Systems: Technologies, Web Services, and Applications, by Kenneth P. Birman, Springer, 2005

Network Intrusion Detection (3rd Edition), by Stephen Northcutt, Judy Novak, New Riders Publishing, 2002

 

Note

Examines are closed-book and closed-notes. However, you can bring with you one page of formulas and definitions (US Letter size or smaller). There will be no make-up tests. If you have serious reasons for missing a test (accident, medical emergency, death in the family), upon presentation of an official written document validating the circumstance the test will be rescheduled.