post-academic course in ict ict networking and security · communication over ip-networks from new...
TRANSCRIPT
Part I: Communication networks, January – March 2008
Module 1: Fixed Networks Module 2: Multimedia Networks Module 3: Wireless Networks Module 4: eTOM Cases
Part II: Security, April – June 2008
Module 1: Security Basics Module 2: Security Applications Module 3: Advanced Security Configuration Module 4: Organisational Aspects Module 5: Legal Aspects Cases
Scientific CoordinationProf. dr. ir. Eric LaermansProf. dr. ir. Piet Demeester Prof. dr. ir. Ingrid Moerman
Department of Information Technology,Ghent University, IBBT
ICT Networking and securityFirst component of a new broad ICT course
INSTITUUT VOORPERMANENTEVORMING
Post-academic course in ICT
Business version!
Extra large scale business
version available via live
streaming video – see inside
Obtain a Ghent University certificate
Why this course?The evolution in the world of communication networks in
the last decades has been rapid and thorough. We evolved
from traditional, fixed telephone networks, well control-
led by clearly identified operators
to mobile, pervasive, more open
and ever more complex IP-based
networks. The share of voice commu-
nication in total network traffic has
dwindled, while the amount of data
communication over IP-networks
from new applications as file trans-
fer, e-mail, Web, etc. has steadily
risen. Even within mobile networks,
data communication is taking an
ever larger share with new technolo-
gies as UMTS. Today, these new data
networks even compete with the
older more traditional networks for the telephone service, as
Voice-over-IP has become a fierce competitor to the historical
telephone operators. This course aims to present the underly-
ing technologies of this relatively new reality.
Originally, networks were typically tightly controlled by well-
defined operators. Attacks against those networks were some-
times possible, allowing the hacker
to pass the bill of his communica-
tions to the victim of the hacking,
but the amplitude of the attacks and
their damage were generally rather
limited. The openness of contempo-
rary networks, especially IP-based
networks, and the complexity and
vulnerability of contemporary termi-
nals (computers or advanced mobile
devices), means that much more
attention has to be spent on the
security of these networks. Attacks can come from anywhere,
at any time. The attack could even originate from the terminal
of the user itself in the form of some spyware leaking precious
information to the hacker who planted the piece of malware.
Furthermore, as users and enterprises rely more and more
on their network infrastructure to do business, the conse-
quences of successful attacks have
become orders of magnitude more
devastating. The second objective
of this course is to allow to under-
stand which security functions and
mechanisms exist, how they can be
used and implemented to achieve
acceptably secure communications.
Who should attend?This course is aimed at people with
some technological background,
although they need not be experts
in ICT. Only the advanced lab sessi-
ons from the fourth module of the second part require a suffi-
cient experience to start.
Post-academic course certificate granted by the ghent universityThis programme is part of the Ghent University post-acade-
mic courses. To receive a post-academic certificate granted by
Ghent University for Part I and/or
Part II, one should at least attend
modules 1, 2 and 3 of part I and/or
modules 1, 2 and 4 of part II, and
successfully take exams for these.
The exam will normally take place at
the end of September 2008. Example
questions, giving a precise idea of
what can be asked at the exam, will
be given in advance. Course certifi-
cates are a personal merit: partici-
pants who aspire a certificate cannot
be replaced, others can.
introduction
The ICT Networking & security course is
the first part of a large scale international
ICT course organised by the Institute of
Continuing Education at Ghent University.
In total, five parts will be organised
dealing with Multimedia (Part II), Software
Engineering (Part III), Operating Systems
& ICT System Management (Part IV) and
Databases (Part V). All parts are schedu-
led within 2008-2009. If you want to be
updated about the following parts, send
an e-mail to [email protected]
Extra business edition! Follow this course worldwide. For
companies interested in this course, a
live streaming video of the lectures via
the Internet will be available to attend
locally at your business sites world-
wide. Some of the lab sessions can also
be organised locally in your company.
For more information, contact us at:
ict in continuing education: the ivPv success story
By the end of the previous century, the IVPV together with Agoria challenged the shortage in ICT-specialists by setting up a large
scale IT course. For one or two evenings per week, around 2000 employees throughout Belgium and Europe faithfully attended the
videoconferences organised by the Flemish universities. Many participants took exams on one or more modules, and received a univer-
sity certificate. The course was a true milestone for industry, and gave a new élan to many ICT-experts.
Today Agoria teaches us that again there is a growing shortage in ICT-specialists. The IVPV picks up the Agoria inquiry, and revitali-
zes a new large scale ICT course. As always, the course is demand driven, and the content has been set up in close collaboration with
industry.
Program Part I: Communication networks
Module 1: Fixed NetworksThe basis of most contemporary fixed networks is the TCP/IP protocol
stack. The objective of this module is to discuss in more detail the
several layers of this stack, starting with the application layer and
ending with the data link layer. At the application layer, we shall
deal with the most common protocols for Web (HTTP), e-mail (SMTP,
POP), file transfer (FTP),... One level lower in the protocol stack, at
the transport layer, we find the well known TCP and UDP. The transport
layer itself relies on the underlying network layer, where the Internet
Protocol (IP) is used. At this point routing and network management
tools like OSPF, BGP, ICMP, NAT, DHCP,... will also be discussed. Finally,
we end with the data link layer protocols such as Ethernet or PPP.
The theory from this module will be illustrated by a series of 4 lab
sessions which will give the course members hands-on experience
about the operation of basic IP applications, network protocols and
basic network configuration.
Teachers: Piet Demeester, Andy Van Maele (Lab sessions)
Organisation: 3 plenary sessions theory + 4 group sessions lab exercises
Reference book: “Computer networking - A top-down approach
featuring the internet, 4th Edition” by James F. Kurose & Keith W. Ross
Module 2: Multimedia NetworksThe second module of this part about communication networks deals
with multimedia networks and the specific network requirements multi-
media implies. It is in this module that we shall discuss important
concepts as quality of service (QoS), multicast and the next generation
of the Internet Protocol (IPv6), which offers new possibilities that are
unavailable in less advanced networks and are useful for the reliable
transmission of multimedia data. Voice-over-IP will be considered as a
typical multimedia application. Other, more advanced, techniques that
will also be dealt with are SIP (used to support Voice-over-IP), MPLS
(used to support QoS),...
The theory is complemented by a series of 3 lab sessions where expe-
rience will be acquired with the nature of video traffic, by configuring
a network to support QoS and with SIP.
Teachers: Piet Demeester, Andy Van Maele (Lab sessions)
Organisation: 2 plenary sessions theory + 3 group sessions lab exercises
Reference book: “Computer networking - A top-down approach
featuring the internet, 4th Edition” by James F. Kurose & Keith W. Ross
Module 3: Wireless NetworksTwo different kinds of wireless networks are dealt with in this module.
On the one hand, we shall consider mobile communication systems
relying on large cellular infrastructures, like GSM and UMTS. But the
main accent of this module will lie on less “institutional” wireless
technologies like WiMAX (wide area networks), WLAN (local networks),
Bluetooth and Zigbee (personal networks) and even RFID (tagging).
Teacher: Ingrid Moerman
Organisation: 3 plenary sessions theory
Reference book: “Mobile Communications, 2nd edition” by Jochen
Schiller
Module 4: eTOMThe first part is concluded by a session about eTOM, which is to the
telecommunication industry what ITIL is to the information techno-
logy industry: a framework of best practice approaches to deliver high
quality services. It deals with the more organisational, rather than
technical, aspects of telecommunication networks.
Teacher: Filip De Turck
Organisation: 1 plenary session theory
Extra module: CasesThis module contains 1 session with 4 cases to give an overall illu-
stration of the course topics. Subscription is free and automatically
included.
Organisation: 1 group session lab exercises
Program Part II: Security
Module 1: Security BasicsWhat does information security mean? Which functions can be reali-
sed? Why do we need security? These are the questions that should be
answered in the first session of this module.
The main basic objectives of information security are discussed: confi-
dentiality, authentication, data-integrity, non-repudiation and avai-
lability. We shall show what may happen if insufficient measures are
taken to achieve these properties and how people with bad intentions
can undermine these objectives to gain an advantage. Besides these
basic security concepts, this module also deals with the concrete basic
mechanisms that can be used to achieve the desired security objecti-
ves. The basic principles of conventional and asymmetric encryption,
hash functions, message authentication codes, time stamps, certifi-
cates, PKI,... are explained, without plunging into the mathematical
details underlying these complex techniques. Biometric techniques will
also be shortly discussed here, both with their advantages and their
shortcomings.
Teacher: Eric Laermans
Organisation: 2 plenary sessions theory
Reference book: “Cryptography and Network Security, Principles and
Practices, 4th edition” by William Stallings
Module 2: Security ApplicationsOnce the basic building blocks are well understood, we shall try to
understand how they are used to achieve security in communication
networks, at the different levels of the protocol stack: at application
layer (PGP, S/MIME, SSH,...), at the transport layer (TLS/SSL) or at
the network layer (IPSec). Related to these secure protocols, we shall
also explain how they can be used to create VPN’s. The use of these
cryptographic security techniques alone is not sufficient to guarantee
programme*1 session = 2 lectures/labs of 1.5 hr.
teachersthe security of computer or communication systems. System security
measures protecting against malware and other intrusions are also essen-
tial. This is why we shall also discuss malware protection, firewalls and
intrusion detection systems. And finally, as wireless networks are parti-
cularly open and vulnerable to attacks, we deal with the specific security
measures for wireless networks: from the defective WEP to the improved
WPA and WPA2. A demonstration session will illustrate the potential risks
in networks, especially in WEP secured wireless local networks.
The theory presented in this module is also complemented by two lab
sessions about the principles of network security and about the configu-
ration and vulnerability of a basic wireless local network secured by WEP.
Teachers: Eric Laermans, Andy Van Maele (Lab sessions)
Organisation: 5 plenary sessions theory + 2 group sessions lab exercises
Reference book: “Cryptography and Network Security, Principles and
Practices, 4th edition” by William Stallings
Module 3: Advanced security configurationTo those who are already more familiar with ICT and security, this module
is devoted to the more advanced practical aspects of information security.
In a series of 4 lab sessions, hands-on experience will be obtained in
advanced PC security, authentication services with a RADIUS server and
advanced security aspects of wireless networks.
Teacher: Andy Van Maele
Organisation: 1 plenary session theory + 4 group sessions lab exercises
Module 4: Organisational aspectsSecurity is not just a matter of technology. The organisational aspects
certainly are not less important. In this module, we shall see how infor-
mation security can be organised within a company: how security policies
are designed and implemented and how a company can respond to secu-
rity incidents. Attention will also be given to the control and auditing of
security policies, for which CobiT is an important standard.
Teacher: Marc Vael
Organisation: 2 plenary sessions theory
Module 5: Legal aspectsThe security part of this course concludes with a last module about the
legal aspects of security. What activities (hacking, identity theft,...)
can be considered illegal? What are the legal measures against compu-
ter crime? Another important legal aspect of information security is the
protection of personal data (of customers or employees). This module
also discusses the obligations a company has to achieve an acceptable
level of information security. Besides protection against attacks, we also
deal with the legal framework for electronic signatures and e-commerce.
Teacher: Jos Dumortier
Organisation: 1 plenary session theory
Extra module: CasesThis module contains 1 session with 4 cases to give an overall illustration
of the course topics. Subscription is free and automatically included.
scientific coordination
> Prof. dr. ir. Eric Laermans
Department of Information Technology,
Ghent University, IBBT
> Prof. dr. ir. Piet Demeester
Department of Information Technology,
Ghent University, IBBT
> Prof. dr. ir. Ingrid Moerman
Department of Information Technology,
Ghent University, IBBT
teachers
> Piet Demeester
Department of Information Technology,
Ghent University, IBBT
> Jos Dumortier
ICRI, KULeuven, IBBT
> Filip De Turck
Department of Information Technology,
Ghent University, IBBT
> Eric Laermans
Department of Information Technology,
Ghent University, IBBT
> Ingrid Moerman
Department of Information Technology,
Ghent University, IBBT
> Marc Vael
Executive Director at Protiviti Belgium, Brussels
> Andy Van Maele
Department of Information Technology,
Ghent University, IBBT
This course is organised as a cooperation between the
Institute for Continuing Education (IVPV) of Ghent University
and the Interdisciplinary institute for BroadBand Technology
(IBBT) with the support of Agoria (Belgium employers’
organisation and trade association).
INSTITUUT VOORPERMANENTEVORMING
subscription form
✂
Preferably via www.ivpv.ugent.be OR by using this form:
Return completed and signed form (use capitals):
Name: ∏ Mr. / ∏ Ms. First Name:
Private address Street: Number:
Zip: City: Country:
Telephone:
Company:
Function:
Company address Street: Number:
Zip: City: Country:
Telephone: Fax:
E-mail:
VAT nr:
Invoice: ∏ company ∏ private
I will pay e by means of employer/employee training cheques
Date: Signature:
Your address data are incorporated by the IVPV in a database in order to be able to keep you informed of our activities and programmes. In accordance with the law from
8/12/1992 safeguarding personal privacy with respect to the processing of personal data, you are entitled to examine, correct or cancel this information kept by the IVPV.
Part I: Communication Networks
∏ Module 1: Fixed Networks € 1100
∏ Module 2: Multimedia Networks € 800
∏ Module 3: Wireless Networks € 500
∏ Module 4: eTom € 200
∏ Modules 1 – 4 together € 2100
Part II: Security
∏ Module 1: Security Basics € 330
∏ Module 2: Security Applications € 1100
∏ Module 3: Advanced Security Configuration € 800
∏ Module 4: Organisational Aspects € 330
∏ Module 5: Legal Aspects € 200
∏ Modules 1 – 5 together € 2200
∏ All modules Part I & II € 3900
Reference books
∏ Computer networking - A top-down approach featuring the internet,
4th edition by James F. Kurose & Keith W. Ross (reference work for Part I, modules 1 and 2): e 50,26 (incl. VAT).
∏ Cryptography and Network Security, Principles and Practices,
4th edition by William Stallings (reference work for Part II, modules 1 and 2): e 65,72 (incl. VAT).
∏ Mobile Communications, 2nd edition by Jochen Schiller (reference work for Part I, module 3): e 63,02 (incl. VAT).
ParticiPation fee
The participation fee includes the tuition fee, course notes,
soft drinks, coffee and sandwiches. Payment occurs after
reception of the invoice. All invoices are due in thirty days.
All fees are exempt of VAT; eventual transfer rates are at the
expense of the participant. Reference books are billed directly
by the bookshop. Special prices apply for UGent employees and
members of Ghent University Association (Consult the website
from within the Ghent University/Association network).
grouP reduction
When participant(s) of a company subscribe for the equiva-
lent of the complete course, a reduction of 20% is given to all
additional subscriptions of the same company, even on single
modules. Invoicing is then done by one company invoice. For
larger numbers of subscriptions, additional reductions could be
envisaged: please contact the IVPV-secretariat.
training cheques (‘oPleidingscheques – bea’)Ghent University has been recognised as an official training
supplier within the framework of the training cheques of the
Flemish Community. Thereby you can save on the participation
fee of this training (www.vlaanderen.be/opleidingscheques).
For employers we refer to www.BEAweb.be (authorisation ID:
DV.O103 194)
Scri
ptic
s 09
225
52
02
Practical information
The programme consists of different modules. Each module
can be followed separately. Plenary sessions (theory) are
organised as follows:
> 18h00-19h30: session 1
> 19h30-20h00: sandwich break
> 20h00-21h30: session 2
location > Plenary sessions (theory): Ghent University, Institute
for Continuing Education, Campus Engineering Faculty,
Building “Magnel” (nr. 904), Technologiepark, 9052
Zwijnaarde, Belgium
> Lab sessions: Ghent University, IBBT, Zuiderpoort Office
Park, Gaston Crommenlaan 8, B-9050 Gent-Ledeberg,
Belgium
languageEnglish is used in all presentations, lab exercises and
documentation, so a good knowledge of this language
is necessary.
cancellation Policy> Cancellation should be done in writing (either letter or
fax);
> Cancellation can be done on individual modules or on full
subscriptions;
> When cancelling up to 10 days before the start of the
course/module, an administrative fee of 25% on the
requested payback is due;
> When cancelling less than 10 days before the start of the
module, the full fee is due;
information and documentationMore detailed information about the course in general or
on particular modules can be found on the course website:
http://www.ivpv.ugent.be
The IVPV secretariat can also be contacted:
Institute for Continuing Education
Els Van Lierde
Technologiepark 913, 9052 Zwijnaarde
Tel: +32 9 264 55 82, fax: +32 9 264 56 05
E-mail: [email protected]
practical info
Part I: Communication Networks Theory Lab* Fee**
Module 1: Fixed Networks 10/01/08, 17/01/08, 24/01/08 12/01/08, 19/01/08, € 1100
26/01/08, 02/02/08
Module 2: Multimedia Networks 31/01/08, 13/02/08 16/02/08, 23/02/08, 1/03/08 € 800
Module 3: Wireless Networks 21/02/08, 28/02/08, 6/03/08 € 500
Module 4: eTom 13/03/08 € 200
Extra Module: Cases 20/03/08 Included
Part II: Security Theory Lab* Fee**
Module 1: Security Basics 10/04/08, 17/04/08 € 330
Module 2: Security Applications 24/04/08, 30/04/08, 8/05/08, 17/05/08, 24/05/08 € 1100
15/05/08, 22/05/08
Module 3: Advanced Security Configuration 29/05/08 31/05/08, 7/06/08, € 800
14/06/08, 21/06/08
Module 4: Organisational Aspects 5/06/08, 12/06/08 € 330
Module 5: Legal Aspects 19/06/08 € 200
Extra Module: Cases 26/06/08 Included
Part I: all modules together € 2100
Part II all modules together € 2200
Part I & II, all modules € 3900
* Extra lab sessions will be organised if necessary This schedule may be subject to modification** Exempt of VAT. Eventual transfer rates are at the expense of the participant.
scheduling & ParticiPation fee