【中文班】信息安全导论

发布时间：2019-09-10 浏览次数：307

《信息安全导论》教学大纲

课程代码	045100831
课程名称	信息安全导论
英文名称	Introduction to Information Security
课程类别	专业基础课
课程性质	必修
学时	总学时：16 实验学时：0 实习学时：0 其他学时：0
学分	1
开课学期	第一学期
开课单位	计算机科学与工程学院
适用专业	信息安全、计算机科学与技术、网络工程
授课语言	中文授课
先修课程	无
课程对毕业要求的支撑	本课程对学生达到毕业要求有如下贡献： 1、工程知识：掌握扎实的信息安全基本知识、基本原理、技术和法规，为解决信息安全实际复杂问题打下知识基础。 2、问题分析：利用数学、本专业基本原理和技术，能够发现信息安全威胁，并通过文献研究分析其中的安全问题。 3、设计/开发解决方案：为设计和部署满足用户需求的安全防御和响应机制提供更加清晰的认识。 4、研究：激发学生对信息安全的学习兴趣，为深入研究打下基础。
课程目标	完成课程后，学生将具备以下能力： 1、学生对信息安全领域的知识有一个比较全面的了解，具备信息安全的基本素养，掌握信息安全的基本知识、原理和技术。 2、掌握信息安全领域最新的发展动态，为进一步深入学习和研究信息安全引导兴趣、打下基础。
课程简介	信息安全日益重要性日益凸显，学习信息安全和密码学基本知识，研究开发自主产权的安全软硬件是保障国家信息安全的必要技能。本课程讲述信息安全基本知识、基本理论和技术。主要学习对称密钥密码、公开密钥密码、消息认证、身份认证和访问控制，利用这些算法和技术实现加密、认证、完整性、抗抵赖等服务；分析病毒、漏洞、入侵等系统安全问题；另外，还学习防火墙、入侵检测等主流安全防御措施，应用于网络信息安全防护的各个环节。补充知识涉及基于密码的最新前沿技术，如区块链，这将为技术创新奠定良好的理论技术基础。
教学内容与学时分配	（一）思政建设1学时重点：实现专业知识教学与立德树人教育的有机融合；使学生树立信息安全即是国家安全的意识，激发学生“实干兴邦”的爱国奋斗精神。（二）信息安全概论 1学时（1）信息安全的理解（2）信息安全威胁（3）互联网的安全性（4）信息安全体系结构重点：信息安全威胁的类型及表现形式；信息安全体系结构。难点：信息安全体系结构。（三）密码学基础 5学时（1）密码学基础知识（2）古典密码（3）对称密钥密码（4）公开密钥密码（5）消息认证（6）密码学的典型应用：区块链简介重点：对称密钥密码中的仿射密码和DES；公开密钥密码中的Diffie-Hellman及RSA；消息认证和数字签名的原理；区块链图。难点：公开密钥密码中的Diffie-Hellman及RSA。（四）物理安全 1学时（1）概述（2）设备安全和防护（3）防信息泄露（4）物理隔离（5）容错与容灾重点：电磁泄漏的原理及防护知识；物理隔离的方法；容错、容灾的原则及措施。难点：物理隔离与逻辑隔离。（五）身份认证 2学时（1）概述（2）认证协议（3）公钥基础设施PKI （4）诱骗类型威胁重点：认证协议的基本思想；Kerberos的工作原理；公钥基础设施PKI的基本思想。难点：Kerberos的工作原理。（六）访问控制2学时（1）概述（2）访问控制模型（3）Windows系统的访问控制重点：访问控制模型。难点：活动目录与组策略。（七）网络威胁2学时（1）概述（2）计算机病毒（3）网络入侵（4）诱骗类型威胁重点：计算机病毒的特征及防范方法；网络入侵的特征及防范方法。难点：网络入侵攻击的原理。（八）网络防御2学时（1）概述（2）防火墙（3）入侵检测系统（4）网络防御新技术重点：防火墙的主要技术；IPtables防火墙的技术原理；入侵检测技术原理。难点：入侵检测Snort系统的技术原理。
实验教学（包括上机学时、实验学时、实践学时）	无
教学方法	课程教学以课堂教学、课外作业、综合讨论、网络以及授课教师的科研项目积累等共同实施。
考核方式	本课程注重过程考核，考核形式、考核内容、课程目标、成绩比例为：（1）平时作业和课堂表现（占总成绩的30%）选做教材部分习题和设计题，考查学生对信息安全基础知识和基本理论的掌握和应用能力；课程目标1；（2）期末考试（闭卷）（占总成绩的70%）采用笔试闭卷方式，考试内容选择信息安全方面的内容，重点考查信息安全基础知识和基本原理；课程目标1、2
教材及参考书	现用教材：翟健宏编写，信息安全导论，科学出版社，2011 主要参考资料： [1] 朱建明，王秀利，信息安全导论，清华大学出版社，2015 [2] 王继林，信息安全导论，西安电子科技大学出版社，2015 [3] P.W.Singer，网络安全：输不起的互联网战争，电子工业出版社，2015 [4] 曾凡平，网络信息安全，机械工业出版社，2015 [5] 蒋天发，网络空间信息安全，电子工业出版社，2017 [6] 熊平，信息安全原理及应用，清华大学出版社，2016 [7] Michael E.Whitman，信息安全原理，清华大学出版社，2016 [8] 结城浩，图解密码技术，人民邮电出版社，2016 [9] 尹丽波，世界网络安全发展报告（2016-2017），社会科学文献出版社，2017 [10] 洪京一，世界网络安全发展报告（2015-2016），社会科学文献出版社，2016
制定人及制定时间	唐韶华，2019年4月11日

“Introduction to Information Security” Syllabus

Course Code	045100831
Course Title	Introduction to Information Security
Course Category	Specialty Basic Courses
Course Nature	Compulsory Course
Class Hours	Total Hours: 16Experimental Hours:0 Internship hours:0 Other hours:0
Credits	1
Semester	First Semester
Institute	School of Computer Science and Engineering
ProgramOriented	Information Security, Computer Science and Technology, Network Engineering
Teaching Language	Chinese
Prerequisites	Null
Student Outcomes (Special Training Ability)	This course has the following contributions to students' graduation requirements: Engineering knowledge: master solid basic knowledge of information security, basic principles, technologies and regulations, so as to lay a knowledge foundation for solving complex practical problems of information security. Problem analysis: using mathematics, the basic principles and techniques of the profession, information security threats can be found, and security problems can be analyzed through literature research. Design/development solutions: provide greater clarity for designing and deploying security defense and response mechanisms that meet user needs. Research: stimulate students' interest in information security and lay a foundation for further research.
Course Objectives	Upon completion of the course, students will have the following abilities： Students have a comprehensive understanding of the knowledge in the field of information security, have the basic literacy of information security, and master the basic knowledge, principle and technology of information security Master the latest developments in the field of information security, and lay the foundation for further in-depth study and research on information security.
Course Description	The increasing importance of information security has become increasingly prominent. Learning information security and basic knowledge of cryptography, research and development of security software and hardware with independent property rights are necessary skills to ensure national information security.This course introduces the basic knowledge, theory and technology of information security. It mainly learns symmetric key cryptography, public key cryptography, message authentication, identity authentication and access control, and uses these algorithms and technologies to implement encryption, authentication, integrity, non-repudiation and other services. Analyze system security issues such as viruses, vulnerabilities, and intrusions. In addition, it also learns mainstream security defense measures such as firewalls and intrusion detection, and applies them to all aspects of network information security protection. Supplementary knowledge involves the latest cutting-edge technologies based on cryptography, such as Blockchain, which will lay a good theoretical and technical foundation for technological innovation.
Teaching Content and Class Hours Distribution	Ideological construction(1 hour) Key points: realize the organic integration of professional knowledge teaching and moral education; to make students realize that information security is also nation security, and inspire the students' patriotic struggle spirit of "making the country prosperous by doing" . Introduction to Information Security (1 hours) (1) Understanding of information security (2) Information security threats (3) The security of the Internet (4) Information security architecture Key points: the types and manifestations of information security threats; information security architecture. Difficulties: information security architecture. The Basis of Cryptography (5 hours) (1) Basic knowledge of cryptography (2) Classical password (3) Symmetric key password (4) Public key password (5) Message certification (6) The applications of cryptography: brief introduction to Blockchain Key points: affine ciphers and DES in symmetric key crypts; Diffie-Hellman and RSA in public key cryptography; principles of message authentication and digital signatures; Blockchain diagram. Difficulty: Diffie-Hellman and RSA in public key cryptography. Physical Security (1 hour) (1) Overview (2) Equipment safety and protection (3) Anti-information disclosure (4) Physical isolation (5) Fault tolerance and disaster recovery Key points: the principle of electromagnetic leakage and protection of knowledge; physical isolation methods; fault tolerance, disaster recovery principles and measures. Difficulties: physical isolation and logic isolation. Identity Authentication (2 hours) Overview (2) Certification agreement (3) PKI Key points: the basic idea of the authentication protocol; the working principle of Kerberos; the basic idea of the public key infrastructure PKI. Difficulty: the working principle of Kerberos. Access Control (2 hours) (1) Overview (2) Access control model (3) Access control for Windows systems Key points: access control model. Difficulties: active directory and group policy. Network Threat (2 hours) (1) Overview (2) Computer viruses (3) Network intrusion (4) The type of lure threat Key points: the characteristics of computer viruses and precautions; network intrusion characteristics and precautions. Difficulties: the principle of network intrusion attack. Network Defense (2 hours) (1) Overview (2) Firewall (3) Intrusion detection system (4) Network defense new technology Key points: the main firewall technology; IPtables firewall technical principles; intrusion detection technology principles. Difficulty: the technical principle of intrusion detection Snort system.
Experimental Teaching	Null
Teaching Method	Course teaching by jointly implementing classroom teaching, extracurricular homework, comprehensive discussion, network and research projects in the accumulation.
Examination Method	This course focuses on the process assessment. The assessment form, assessment content, course objectives and achievement ratio are as follows: Homework and class performance (30% of the total score) Choose some exercises and design questions in the textbook to examine students' mastery and application of information security basic knowledge and basic theory; course objective 1; Final exam (closed book) (70% of total score) Adopt the written test closed method, select the information security content of the test content, focus on the basic knowledge and basic principles of information security; course objectives 1, 2
Teaching Materials and Reference Books	Present teaching materials: Zhai Jianhong editor, Introduction to information security, science press, 2011 The main reference: [1] Zhu Jianming, Wang Xiuli, Introduction to Information Security , Tsinghua University Press, 2015 [2] Wang Jilin, Introduction to Information Security, Xi'an University of Electronic Science and Technology Press, 2015 [3] P.W.Singer, Network Security: Cannot afford Internet War, Electronics Industry Press, 2015 [4] Zeng Fanping, Network Information Security, Machinery Industry Press, 2015 [5] Jiang Tianfa, Cyberspace Information Security, Electronic industry press, 2017 [6] Xiong Ping, Information Security Principles and Applications, Tsinghua University Press, 2016 [7] Michael E.Whitman, Principles of Information Security, Tsinghua University Press, 2016 [8] Jie Chenghao, Graphic Cryptography, People's Posts and Telecommunications Press, 2016 [9] Yin Libo, World Network Security Development Report (2016-2017), Social Science Literature Publishing House, 2017 [10] Hong Jingyi, World Network Security Development Report (2015-2016), Social Science Literature Publishing House, 2016
Prepared by Whom and When	Tang Shaohua, April11, 2019