University of Southern California

 

CS530L - Security Systems
lab component
David Morgan

see "Syllabus" link for email address

German "Enigma" cryptographic device

 

Home

Syllabus

Lab policies

Student lab times

CS530 main class

DETER net testbed
  home
  get/use an account
  FAQ
  tutorial


a vi cheat sheet


Labs
(instructions/slides)

Cryptography & Key Mgmt

Authentication

Authorization

Application security

Packet sniffing

Firewalls (DETER)

Intrusion detection

Arp spoofing (DETER)

Tunnels and vpns (DETER)

Computer forensics (DETER)

 

 

 



 

FALL 2014
lecture 4:30p - 5:20p Fri OHE122

Until recent years, information systems security was the limited focus of the military and the financial communities. With the recent explosive growth and merging of telecommunications and computing, security has become an integral element of any reliable and robust information systems environment. This class will cover information systems security at the graduate level. Students should have a basic understanding of networking and operating systems prior to attending the class.

Yubikey authentication - we looked at it briefly in lecture last week. We didn't spend enough time on these slides about key sharing. The yubikey device on an application client produces an output intended for use in conjunction with an authentication server that can evaluate that output. (Incidentally while the server in my slides belonged to manufacturer Yubico,  maintained for customer use, customers also have the option of creating their own server to avoid sharing secrets with any external organization.) The slides show that part of a yubikey's output is encrypted, and the symmetric key for that is internal to the yubikey. That key therefore must be shared with the server, and my slides show it to be in the server's possession. There are different approaches to secure key sharing. One of the questions in your lab instructions asks you to think about how it was accomplished in this case. (9/19)

Email filter rule keywords used for managing the 10 reports you submit are:

 cryptolab
 authenticationlab
 authorizationlab
 applicationsecuritylab
 snifflab
 firewallslab
 idslab
 arpspooflab
 tunnelslab
 forensicslab

for the respective labs we do over 10 weeks. Please be sure to embed these keywords in the titles of the email messages in which you will submit your work. (9/12)

New lab times published - please check and let me know of any anomalies, conflicts, problems. (9/8)

Further lab timeslot assignments - since Friday I have not yet assigned additional sign-ups. I expect to do so tomorrow, Monday, and publish a revised list at the "Student lab times" link. In the meantime, anybody not yet assigned who wishes to attend tomorrow may do so. (9/7)

Authentication without confidentiality - below is one of the slides we didn't get to yesterday. What's the stuff in the red box?

Note there is no encryption of the data, the purpose is not to obscure the data but to make certain it came from Fedora. (9/6)

Clarification - lab meeting times have been assigned, but the actual meetings don't start until next week. Those of you assigned to the Friday 3pm slot need to come next Friday but not today. Today, we have just the regular lecture in room OHE122 at 4:30pm. (9/5)

My RSA lecture available online -  The latter slides in my lecture presentation today cover the steps and math of the RSA algorithm. They are closely related to the lab activity you'll do in a week. I have those slides online, with my narration. You may listen to them if you like (it would help) before coming to the lab next week. (9/5)

Labs, due dates, lab time assignments round 2 - The lab performed in a given week will be the one that was the lecture subject on the previous Friday. The due date for submitting its result will be by your particular lab time the following week. Take as an example the cryptography topic and a student in the Wednesday lab. The lecture for it is today; you'll do the lab exercise next Wednesday September 10; your electronic submittal of the result is due the following Wednesday September 17 at lab time, 10:30am. DEN students have a Friday 4:30 deadline; the remote assignments on DETER later this semester will be due Fridays at 4:30 2 weeks after lecture date.

If your name does not appear among the listed student lab times it is because you did not supply preferences or supplied them malformed. I will hold another round of time assignments for you. (You will have second priority, that is, I will not disturb or move any of the students already assigned to meet your preferences.) Please visit the web form today and express preferences. I will randomly give times to students who do not. (9/5)


Student lab times
- please see the link at left entitled "Student lab times". The lab times are set for:

Mondays 12:30pm-1:50pm
Wednesdays 10:30pm-11:50am
Fridays 3:00pm-4:20pm

The number of students of record is 68. 48 of them appear in the "Student lab times" schedule. 9 did not provide preferences. 11 supplied preferences in improper form which therefore were not processed.

preferences not provided: briggs, guptaan, guptaav, mante, maraliga jayaram, palaniappan, patwardhan, tuse, venugopal

preferences provided in improper form: wadhawan, balakrishnan, balasubramanya, narayanan, vemuri, thakur, shamanur, khatri, shiroor, poobalan, luo   (9/4)

 

Which machine do we use, for which lab? - the various lab activities were developed to work on one or another of the 4 virtual machines installed in the lab. The instructions for each lab should tell you on which platform to do it. As a matter of record, here are the platforms corresponding the activities.

(9/5)

Revised lab calendar (below) - to reflect the 10/17 midterm. (8/30)

First homework tasks -
 1) express your lab timeslot preferences (unless you are a DEN student) deadline: end of day Tuesday 9/2/14
If you are a DEN student, install VMWare Player 6 (or other version of VMware) if you do not have it already. See "DEN students" comments below.
 2) as a tourist, visit the informational links listed at left under the heading "DETER net testbed". Gain initial familiarity with DETER at tourist level. We will arrange DETER accounts for you shortly.
 3) visit link at left entitled "Cryptography" under the heading "Labs." Our upcoming initial lab topic will be on the subject of cryptography. My lecture on the subject will be September 5, with corresponding lab exercise (the first one) performed the following week. (8/29)

Individual lab timeslot assignments

You will be assigned to a particular lab session. You will express preference among the timeslots using this web form:

On the form (which unfortunately does not validate entries) please take care to enter a unique explicit digit from among 0, 1, 2, and 5 for each of the seven lab timeslot possibilities.
 - enter 0 for any slot with which you have a bona fide conflict (other commitment that cannot be changed)
 - enter 1 for your most preferred non-conflicting timeslot
 - enter 2 for your second-most preferred non-conflicting timeslot
 - enter 5s for your less preferred non-conflicting timeslots

The software that will process your entry will filter it out if it deviates from that. So fill in the form correctly to avoid adversely affecting our meeting your preference. I will do my best to follow student preference within my ability to control. (8/29)

The web form is here . To use it, you need to supply an ID. Your ID is your last name, all lower case. On-campus  students who were registered as of yesterday are in the web form's database. There are multiple guptas and multiple kims. In those cases suffix your last name with 1 or 2 characters of your first name. I will make a supplemental update with names of later registrants sometime next week as a fresh class roster is made available to me. (8/29)

Slides from today's lecture in color or greyscale.(8/29)

Strong recommendation - each week, preview or scan (visually) the lab instructions in advance before your lab session. It will enable you to do the exercises more efficiently, with greater understanding, and ensure you can finish before the lab ends. (8/29)

Support questions - try the "Labs" category of the discussion board found on DEN/Blackboard for CS530. If it's a question of general interest (maybe somebody else has the same question in mind) put it there. Alternatively, or for more specifically personal questions, csci530l@usc.edu email address, shared by me and the lab graders. (8/29)

Your graders - Serhat Yilmaz and Adhip Gupta. Adhip took CS530 last year, Serhat did so earlier and was a lab grader last year. Both are helpful and familiar with the lab exercises you will do. (8/29)

Lab location - room OHE406. The hardware-identical computers in this room have removable hard drives. You will be assigned a drive. You will insert it in one of the computers when you arrive at the lab each week. You will put it in a locker afterward, where it will be stored for you until the following week's session. (8/29)

DEN students - most if not all of the lab exercises are performed in VMware virtual machines. We will make available images of the same vm's that are installed in the lab, for you to install on your machine. You will then be able to run that vm using VMware player, which is distributed free from www.vmware.com. The lab handouts (instructions) will be posted online, here on this website, weekly. I intend to distribute the vm images to you via download, details to be posted on this website. (These are not for the consumption of on-campus students.) (8/29)

The University of Southern California does not screen or control the content on this website and thus does not guarantee the accuracy, integrity, or quality of such content. All content on this website is provided by and is the sole responsibility of the person from which such content originated, and such content does not necessarily reflect the opinions of the University administration or the Board of Trustees