Design and Analyze Secure Networked Systems

In this module, we will introduce the basic cyber security concepts, enable you to identity root causes of vulnerabilities in a network system and distinguish them from the threats from both inside and outside. We will analyze the enabling factors of recent cyber attack incidences and discuss the basic security services for their defense and triage. We will introduce the risk management framework for analyzing the risks in a network system, and apply the basic security design principles to protect the data and secure the computer systems. Trust is critical and in the center of any secure systems. We will examine the source and authenticity of the programs and data installed in systems we used daily and show the proper way to check their integrity, and verify their authenticity.

In this module we apply principle of least privileges for controlling the proper access given to users and system process. We will demonstrate such an access control by using an example of project document access control using the Unix file access mechanism. We use OPM data breach example to show the impact and the need for principle of adequate data protection. Trust is critical and in the center of any secure systems. We will examine the source and authenticity of the programs and data installed in systems we used daily and show the proper way to check their integrity, and verify their authenticity.

In this module, we introduce GPG software tool for generating public key private key pair for signing/verifying the documents and to encrypt documents, and publish our public key on our web server and PGP key server for others to retrieve. We will use GnuPG software tool to verify the common opensource software packages such as apache and putty. We will also learn how to sign software and the proper way to list the software package, their pgp signature, and our signing public key on a web site.