《信息安全导论》教学大纲

课程代码

045100831

课程名称

信息安全导论

英文名称

 Introduction to Information Security

课程类别

专业基础课

课程性质

必修

学时

总学时:16 实验学时:0 实习学时:0 其他学时:0

学分

1

开课学期

第一学期

开课单位

计算机科学与工程学院

适用专业

信息安全计算机科学与技术、网络工程

授课语言

中文授课

先修课程

课程对毕业要求的支撑

本课程对学生达到毕业要求有如下贡献:

1、工程知识:掌握扎实的信息安全基本知识、基本原理、技术和法规,为解决信息安全实际复杂问题打下知识基础。

2、问题分析:利用数学、本专业基本原理和技术,能够发现信息安全威胁,并通过文献研究分析其中的安全问题。

3、设计/开发解决方案:为设计和部署满足用户需求的安全防御和响应机制提供更加清晰的认识。

4、研究:激发学生对信息安全的学习兴趣,为深入研究打下基础。

课程目标

完成课程后,学生将具备以下能力:

1、学生对信息安全领域的知识有一个比较全面的了解,具备信息安全的基本素养,掌握信息安全的基本知识、原理和技术。

2、掌握信息安全领域最新的发展动态,为进一步深入学习和研究信息安全引导兴趣、打下基础。

课程简介

信息安全日益重要性日益凸显,学习信息安全和密码学基本知识,研究开发自主产权安全软硬件是保障国家信息安全的必要技能。本课程讲述信息安全基本知识、基本理论和技术。主要学习对称密钥密码、公开密钥密码、消息认证、身份认证和访问控制,利用这些算法和技术实现加密、认证、完整性、抗抵赖等服务;分析病毒漏洞、入侵等系统安全问题;另外,还学习防火墙、入侵检测等主流安全防御措施用于网络信息安全防护的各个环节。补充知识涉及基于密码的最新前沿技术,如区块链,这将为技术创新奠定良好的理论技术基础。

教学内容与学时分配

(一)思政建设1学时

重点:实现专业知识教学与立德树人教育的有机融合;使学生树立信息安全即是国家安全的意识,激发学生“实干兴邦”的爱国奋斗精神。

(二)信息安全概论                           1学时

1信息安全的理解

2信息安全威胁

3互联网的安全性

4信息安全体系结构

重点:信息安全威胁的类型及表现形式;信息安全体系结构

难点:信息安全体系结构

)密码学基础                       5学时

1密码学基础知识

2古典密码

3对称密钥密码

4公开密钥密码

5消息认证

6密码学的典型应用:区块链简介

重点:对称密钥密码中的仿射密码和DES;公开密钥密码中的Diffie-HellmanRSA;消息认证和数字签名的原理区块链图

难点:公开密钥密码中的Diffie-HellmanRSA

)物理安全                               1学时

1概述

2设备安全和防护

3防信息泄露

4物理隔离

5容错与容灾

重点:电磁泄漏的原理及防护知识;物理隔离的方法;容错、容灾的原则及措施

难点:物理隔离与逻辑隔离

)身份认证                               2学时

1概述

2认证协议

3公钥基础设施PKI

4诱骗类型威胁

重点:认证协议的基本思想;Kerberos的工作原理;公钥基础设施PKI的基本思想

难点:Kerberos的工作原理

访问控制2学时

1概述

2访问控制模型

3Windows系统的访问控制

重点:访问控制模型。

难点:活动目录与组策略。

网络威胁2学时

1概述

2计算机病毒

3网络入侵

4诱骗类型威胁

重点:计算机病毒的特征及防范方法;网络入侵的特征及防范方法

难点:网络入侵攻击的原理

网络防御2学时

1概述

2防火墙

3入侵检测系统

4网络防御新技术

重点:防火墙的主要技术;IPtables防火墙的技术原理;入侵检测技术原理

难点:入侵检测Snort系统的技术原理

实验教学(包括上机学时、实验学时、实践学时)

教学方法

课程教学以课堂教学、课外作业、综合讨论、网络以及授课教师的科研项目积累等共同实施。

考核方式

本课程注重过程考核,考核形式、考核内容、课程目标、成绩比例为:

1平时作业和课堂表现(占总成绩的30%

选做教材部分习题和设计题,考查学生对信息安全基础知识和基本理论的掌握和应用能力;课程目标1

2期末考试(闭卷)(占总成绩的70%

采用笔试闭卷方式,考试内容选择信息安全方面的内容,重点考查信息安全基础知识基本原理;课程目标12

教材及参考书

现用教材:翟健宏编写,信息安全导论,科学出版社,2011

主要参考资料:

 [1] 朱建明,王秀利,信息安全导论,清华大学出版社,2015

[2] 王继林,信息安全导论,西安电子科技大学出版社,2015

[3] P.W.Singer,网络安全:输不起的互联网战争,电子工业出版社,2015

[4] 曾凡平,网络信息安全,机械工业出版社,2015

[5] 蒋天发,网络空间信息安全,电子工业出版社,2017

[6] 熊平,信息安全原理及应用,清华大学出版社,2016

[7] Michael E.Whitman,信息安全原理,清华大学出版社,2016

[8] 结城浩,图解密码技术,人民邮电出版社,2016

 [9] 尹丽波,世界网络安全发展报告(2016-2017),社会科学文献出版社,2017

[10] 洪京一,世界网络安全发展报告(2015-2016),社会科学文献出版社,2016

制定人及制定时间

唐韶华,2019411


 “Introduction to Information Security” Syllabus

Course Code

045100831

Course Title

Introduction to Information Security

Course Category

Specialty Basic Courses

Course Nature

Compulsory Course

Class Hours

Total Hours: 16Experimental Hours:0 Internship hours:0 Other hours:0

Credits

1

Semester

First Semester

Institute

School of Computer Science and Engineering

ProgramOriented

Information Security, Computer Science and Technology, Network Engineering

Teaching Language

Chinese

Prerequisites

Null

 Student Outcomes

 (Special Training Ability)

 This course has the following contributions to students' graduation requirements:

  1.  Engineering knowledge: master solid basic knowledge of information security, basic principles, technologies and regulations, so as to lay a knowledge foundation for solving complex practical problems of information security.

  2. Problem analysis: using mathematics, the basic principles and techniques of the profession, information security threats can be found, and security problems can be analyzed through literature research.

  3.  Design/development solutions: provide greater clarity for designing and deploying security defense and response mechanisms that meet user needs.

  4. Research: stimulate students' interest in information security and lay a foundation for further research.

Course Objectives

 Upon completion of the course, students will have the following abilities

  1. Students have a comprehensive understanding of the knowledge in the field of information security, have the basic literacy of information security, and master the basic knowledge, principle and technology of information security

  2. Master the latest developments in the field of information security, and lay the foundation for further in-depth study and research on information security.

Course Description

 The increasing importance of information security has become increasingly prominent. Learning information security and basic knowledge of cryptography, research and development of security software and hardware with independent property rights are necessary skills to ensure national information security.This course introduces the basic knowledge, theory and technology of information security. It mainly learns symmetric key cryptography, public key cryptography, message authentication, identity authentication and access control, and uses these algorithms and technologies to implement encryption, authentication, integrity, non-repudiation and other services. Analyze system security issues such as viruses, vulnerabilities, and intrusions. In addition, it also learns mainstream security defense measures such as firewalls and intrusion detection, and applies them to all aspects of network information security protection. Supplementary knowledge involves the latest cutting-edge technologies based on cryptography, such as Blockchain, which will lay a good theoretical and technical foundation for technological innovation.

Teaching Content and Class Hours Distribution

  1.  Ideological construction(1 hour)

 Key points: realize the organic integration of professional knowledge teaching and moral education; to make students realize that information security is also nation security, and inspire the students' patriotic struggle spirit of "making the country prosperous by doing" .

  1. Introduction to Information Security (1 hours)

(1) Understanding of information security

(2) Information security threats

(3) The security of the Internet

(4) Information security architecture

Key points: the types and manifestations of information security threats; information security architecture.

Difficulties: information security architecture.

  1. The Basis of Cryptography (5 hours)

(1) Basic knowledge of cryptography

(2) Classical password

(3) Symmetric key password

(4) Public key password

(5) Message certification

(6) The applications of cryptography: brief introduction to Blockchain

 Key points: affine ciphers and DES in symmetric key crypts; Diffie-Hellman and RSA in public key cryptography; principles of message authentication and digital signatures; Blockchain diagram.

Difficulty: Diffie-Hellman and RSA in public key cryptography.

  1. Physical Security (1 hour)

(1) Overview

(2) Equipment safety and protection

(3) Anti-information disclosure

(4) Physical isolation

(5) Fault tolerance and disaster recovery

Key points: the principle of electromagnetic leakage and protection of knowledge; physical isolation methods; fault tolerance, disaster recovery principles and measures.

Difficulties: physical isolation and logic isolation.

  1. Identity Authentication (2 hours)

  1. Overview

(2) Certification agreement

(3) PKI

Key points: the basic idea of the authentication protocol; the working principle of Kerberos; the basic idea of the public key infrastructure PKI.

Difficulty: the working principle of Kerberos.

  1. Access Control (2 hours)

(1) Overview

(2) Access control model

(3) Access control for Windows systems

Key points: access control model.

Difficulties: active directory and group policy.

  1. Network Threat (2 hours)

(1) Overview

(2) Computer viruses

(3) Network intrusion

(4) The type of lure threat

Key points: the characteristics of computer viruses and precautions; network intrusion characteristics and precautions.

Difficulties: the principle of network intrusion attack.

  1. Network Defense (2 hours)

(1) Overview

(2) Firewall

(3) Intrusion detection system

(4) Network defense new technology

Key points: the main firewall technology; IPtables firewall technical principles; intrusion detection technology principles.

Difficulty: the technical principle of intrusion detection Snort system.

Experimental Teaching

Null

Teaching Method

Course teaching by jointly implementing classroom teaching, extracurricular homework, comprehensive discussion, network and research projects in the accumulation.

Examination Method

 This course focuses on the process assessment. The assessment form, assessment content, course objectives and achievement ratio are as follows:

  1. Homework and class performance (30% of the total score)

Choose some exercises and design questions in the textbook to examine students' mastery and application of information security basic knowledge and basic theory; course objective 1;

  1. Final exam (closed book) (70% of total score)

Adopt the written test closed method, select the information security content of the test content, focus on the basic knowledge and basic principles of information security; course objectives 1, 2

Teaching Materials and Reference Books

Present teaching materials: Zhai Jianhong editor, Introduction to information security, science press, 2011

The main reference:

[1] Zhu Jianming, Wang Xiuli, Introduction to Information Security , Tsinghua University Press, 2015

[2] Wang Jilin, Introduction to Information Security, Xi'an University of Electronic Science and Technology Press, 2015

[3] P.W.Singer, Network Security: Cannot afford Internet War, Electronics Industry Press, 2015

[4] Zeng Fanping, Network Information Security, Machinery Industry Press, 2015

[5] Jiang Tianfa, Cyberspace Information Security, Electronic industry press, 2017

[6] Xiong Ping, Information Security Principles and Applications, Tsinghua University Press, 2016

[7] Michael E.Whitman, Principles of Information Security, Tsinghua University Press, 2016

[8] Jie Chenghao, Graphic Cryptography, People's Posts and Telecommunications Press, 2016

[9] Yin Libo, World Network Security Development Report (2016-2017), Social Science Literature Publishing House, 2017

[10] Hong Jingyi, World Network Security Development Report (2015-2016), Social Science Literature Publishing House, 2016

Prepared by Whom and When

Tang Shaohua, April11, 2019