Applied Cryptography and Access Control
This course covers the concepts, applied mechanisms, and practices of using cryptography and access control techniques in software applications. These techniques address security requirements such as confidentiality, integrity, authentication, authorization, and accountability, and have become the vital part of all business applications and electronic transactions. Concepts explored include common IT security challenges; critical application security exploits; the role of cryptography and its applied mechanisms; access control principles and techniques related to personal identification and strategies for enabling stronger authentication using Public-Key Infrastructure (PKI), smartcards, and biometrics; enterprise identity management concepts; industry standards for enabling identity provisioning, single sign-on, and federation.
At the end of the course, students will be able to:
Develop examples illustrating substitution and transposition ciphers.
Develop a conceptual architecture including cryptographic requirements to support secure communication channels ensuring confidentiality, integrity, authentication, and non-repudiation.
Analyze digital signatures of email messengers currently in use.
Develop a conceptual architecture including transport-level security requirements to support an Internet portal with confidentiality, integrity, and authentication of all data in transit between a web server and its connecting peer web browser.
Develop a conceptual architecture with transport-level security requirements to support the security of a company's credit card transactions with its banks.
Develop a conceptual architectural solution for a web portal that aggregates access to multiple business applications residing within their network and over the Internet in partner organizations. Identify the security standards and technology components that need to be in place to ensure that the overall security and access control are not compromised.
Analyze strategies for enabling the multi-factor authentication using Smart cards and Biometrics.