ICT Networking and security - IVPV - Instituut voor Permanente ...
ICT Networking and security - IVPV - Instituut voor Permanente ...
ICT Networking and security - IVPV - Instituut voor Permanente ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Post-academic course in <strong>ICT</strong><br />
<strong>ICT</strong> <strong>Networking</strong> <strong>and</strong> <strong>security</strong><br />
First component of a new broad <strong>ICT</strong> course<br />
Part I: Communication networks, January – March 2008<br />
Module 1: Fixed Networks<br />
Module 2: Multimedia Networks<br />
Module 3: Wireless Networks<br />
Module 4: eTOM<br />
Cases<br />
Part II: Security, April – June 2008<br />
Module 1: Security Basics<br />
Module 2: Security Applications<br />
Module 3: Advanced Security Configuration<br />
Module 4: Organisational Aspects<br />
Module 5: Legal Aspects<br />
Cases<br />
Business version!<br />
Extra large scale business<br />
version available via live<br />
streaming video – see inside<br />
Obtain a Ghent<br />
University certificate<br />
Scientific Coordination<br />
Prof. dr. ir. Eric Laermans<br />
Prof. dr. ir. Piet Demeester<br />
Prof. dr. ir. Ingrid Moerman<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
INSTITUUT VOOR<br />
PERMANENTE<br />
VORMING
introduction<br />
<strong>ICT</strong> in Continuing Education: the <strong>IVPV</strong> success story<br />
By the end of the previous century, the <strong>IVPV</strong> together with Agoria challenged the shortage in <strong>ICT</strong>-specialists by setting up a large<br />
scale IT course. For one or two evenings per week, around 2000 employees throughout Belgium <strong>and</strong> Europe faithfully attended the<br />
videoconferences organised by the Flemish universities. Many participants took exams on one or more modules, <strong>and</strong> received a university<br />
certificate. The course was a true milestone for industry, <strong>and</strong> gave a new élan to many <strong>ICT</strong>-experts.<br />
Today Agoria teaches us that again there is a growing shortage in <strong>ICT</strong>-specialists. The <strong>IVPV</strong> picks up the Agoria inquiry, <strong>and</strong> revitalizes<br />
a new large scale <strong>ICT</strong> course. As always, the course is dem<strong>and</strong> driven, <strong>and</strong> the content has been set up in close collaboration with<br />
industry.<br />
Why this course<br />
The evolution in the world of communication networks in<br />
the last decades has been rapid <strong>and</strong> thorough. We evolved<br />
from traditional, fixed telephone networks, well controlled<br />
by clearly identified operators<br />
of the user itself in the form of some spyware leaking precious<br />
information to the hacker who planted the piece of malware.<br />
Furthermore, as users <strong>and</strong> enterprises rely more <strong>and</strong> more<br />
on their network infrastructure to do business, the consequences<br />
of successful attacks have<br />
to mobile, pervasive, more open<br />
<strong>and</strong> ever more complex IP-based<br />
networks. The share of voice communication<br />
in total network traffic has<br />
dwindled, while the amount of data<br />
communication over IP-networks<br />
from new applications as file transfer,<br />
e-mail, Web, etc. has steadily<br />
risen. Even within mobile networks,<br />
data communication is taking an<br />
ever larger share with new technologies<br />
as UMTS. Today, these new data<br />
networks even compete with the<br />
The <strong>ICT</strong> <strong>Networking</strong> & <strong>security</strong> course is<br />
the first part of a large scale international<br />
<strong>ICT</strong> course organised by the Institute of<br />
Continuing Education at Ghent University.<br />
In total, five parts will be organised<br />
dealing with Multimedia (Part II), Software<br />
Engineering (Part III), Operating Systems<br />
& <strong>ICT</strong> System Management (Part IV) <strong>and</strong><br />
Databases (Part V). All parts are scheduled<br />
within 2008-2009. If you want to be<br />
updated about the following parts, send<br />
an e-mail to info@ivpv.ugent.be<br />
become orders of magnitude more<br />
devastating. The second objective<br />
of this course is to allow to underst<strong>and</strong><br />
which <strong>security</strong> functions <strong>and</strong><br />
mechanisms exist, how they can be<br />
used <strong>and</strong> implemented to achieve<br />
acceptably secure communications.<br />
Who should attend<br />
This course is aimed at people with<br />
some technological background,<br />
although they need not be experts<br />
in <strong>ICT</strong>. Only the advanced lab sessions<br />
older more traditional networks for the telephone service, as<br />
Voice-over-IP has become a fierce competitor to the historical from the fourth module of the second part require a suffi-<br />
cient experience to start.<br />
telephone operators. This course aims to present the underlying<br />
technologies of this relatively new reality.<br />
Post-academic Course Certificate granted by<br />
the Ghent University<br />
Originally, networks were typically tightly controlled by welldefined<br />
operators. Attacks against those networks were sometimes<br />
possible, allowing the hacker<br />
This programme is part of the Ghent University post-academic<br />
courses. To receive a post-academic certificate granted by<br />
Ghent University for Part I <strong>and</strong>/or<br />
to pass the bill of his communications<br />
to the victim of the hacking,<br />
but the amplitude of the attacks <strong>and</strong><br />
their damage were generally rather<br />
limited. The openness of contemporary<br />
networks, especially IP-based<br />
networks, <strong>and</strong> the complexity <strong>and</strong><br />
vulnerability of contemporary terminals<br />
(computers or advanced mobile<br />
devices), means that much more<br />
attention has to be spent on the<br />
Extra business edition!<br />
Follow this course worldwide. For<br />
companies interested in this course, a<br />
live streaming video of the lectures via<br />
the Internet will be available to attend<br />
locally at your business sites worldwide.<br />
Some of the lab sessions can also<br />
be organised locally in your company.<br />
For more information, contact us at:<br />
ivpv@ugent.be<br />
Part II, one should at least attend<br />
modules 1, 2 <strong>and</strong> 3 of part I <strong>and</strong>/or<br />
modules 1, 2 <strong>and</strong> 4 of part II, <strong>and</strong><br />
successfully take exams for these.<br />
The exam will normally take place at<br />
the end of September 2008. Example<br />
questions, giving a precise idea of<br />
what can be asked at the exam, will<br />
be given in advance. Course certificates<br />
are a personal merit: participants<br />
who aspire a certificate cannot<br />
<strong>security</strong> of these networks. Attacks can come from anywhere, be replaced, others can.<br />
at any time. The attack could even originate from the terminal
programme<br />
Program Part I: Communication networks<br />
Module 1: Fixed Networks<br />
The basis of most contemporary fixed networks is the TCP/IP protocol<br />
stack. The objective of this module is to discuss in more detail the<br />
several layers of this stack, starting with the application layer <strong>and</strong><br />
ending with the data link layer. At the application layer, we shall<br />
deal with the most common protocols for Web (HTTP), e-mail (SMTP,<br />
POP), file transfer (FTP),... One level lower in the protocol stack, at<br />
the transport layer, we find the well known TCP <strong>and</strong> UDP. The transport<br />
layer itself relies on the underlying network layer, where the Internet<br />
Protocol (IP) is used. At this point routing <strong>and</strong> network management<br />
tools like OSPF, BGP, ICMP, NAT, DHCP,... will also be discussed. Finally,<br />
we end with the data link layer protocols such as Ethernet or PPP.<br />
The theory from this module will be illustrated by a series of 4 lab<br />
sessions which will give the course members h<strong>and</strong>s-on experience<br />
about the operation of basic IP applications, network protocols <strong>and</strong><br />
basic network configuration.<br />
Teachers: Piet Demeester, Andy Van Maele (Lab sessions)<br />
Organisation: 3 plenary sessions theory + 4 group sessions lab exercises<br />
Reference book: “Computer networking - A top-down approach<br />
featuring the internet, 4th Edition” by James F. Kurose & Keith W. Ross<br />
Module 2: Multimedia Networks<br />
The second module of this part about communication networks deals<br />
with multimedia networks <strong>and</strong> the specific network requirements multimedia<br />
implies. It is in this module that we shall discuss important<br />
concepts as quality of service (QoS), multicast <strong>and</strong> the next generation<br />
of the Internet Protocol (IPv6), which offers new possibilities that are<br />
unavailable in less advanced networks <strong>and</strong> are useful for the reliable<br />
transmission of multimedia data. Voice-over-IP will be considered as a<br />
typical multimedia application. Other, more advanced, techniques that<br />
will also be dealt with are SIP (used to support Voice-over-IP), MPLS<br />
(used to support QoS),...<br />
The theory is complemented by a series of 3 lab sessions where experience<br />
will be acquired with the nature of video traffic, by configuring<br />
a network to support QoS <strong>and</strong> with SIP.<br />
Teachers: Piet Demeester, Andy Van Maele (Lab sessions)<br />
Organisation: 2 plenary sessions theory + 3 group sessions lab exercises<br />
Reference book: “Computer networking - A top-down approach<br />
featuring the internet, 4th Edition” by James F. Kurose & Keith W. Ross<br />
Module 3: Wireless Networks<br />
Two different kinds of wireless networks are dealt with in this module.<br />
On the one h<strong>and</strong>, we shall consider mobile communication systems<br />
relying on large cellular infrastructures, like GSM <strong>and</strong> UMTS. But the<br />
main accent of this module will lie on less “institutional” wireless<br />
technologies like WiMAX (wide area networks), WLAN (local networks),<br />
Bluetooth <strong>and</strong> Zigbee (personal networks) <strong>and</strong> even RFID (tagging).<br />
Teacher: Ingrid Moerman<br />
Organisation: 3 plenary sessions theory<br />
Reference book: “Mobile Communications, 2 nd edition” by Jochen<br />
Schiller<br />
Module 4: eTOM<br />
The first part is concluded by a session about eTOM, which is to the<br />
telecommunication industry what ITIL is to the information technology<br />
industry: a framework of best practice approaches to deliver high<br />
quality services. It deals with the more organisational, rather than<br />
technical, aspects of telecommunication networks.<br />
Teacher: Filip De Turck<br />
Organisation: 1 plenary session theory<br />
Extra module: Cases<br />
This module contains 1 session with 4 cases to give an overall illustration<br />
of the course topics. Subscription is free <strong>and</strong> automatically<br />
included.<br />
Organisation: 1 group session lab exercises<br />
Program Part II: Security<br />
Module 1: Security Basics<br />
What does information <strong>security</strong> mean Which functions can be realised<br />
Why do we need <strong>security</strong> These are the questions that should be<br />
answered in the first session of this module.<br />
The main basic objectives of information <strong>security</strong> are discussed: confidentiality,<br />
authentication, data-integrity, non-repudiation <strong>and</strong> availability.<br />
We shall show what may happen if insufficient measures are<br />
taken to achieve these properties <strong>and</strong> how people with bad intentions<br />
can undermine these objectives to gain an advantage. Besides these<br />
basic <strong>security</strong> concepts, this module also deals with the concrete basic<br />
mechanisms that can be used to achieve the desired <strong>security</strong> objectives.<br />
The basic principles of conventional <strong>and</strong> asymmetric encryption,<br />
hash functions, message authentication codes, time stamps, certificates,<br />
PKI,... are explained, without plunging into the mathematical<br />
details underlying these complex techniques. Biometric techniques will<br />
also be shortly discussed here, both with their advantages <strong>and</strong> their<br />
shortcomings.<br />
Teacher: Eric Laermans<br />
Organisation: 2 plenary sessions theory<br />
Reference book: “Cryptography <strong>and</strong> Network Security, Principles <strong>and</strong><br />
Practices, 4th edition” by William Stallings<br />
*1 session = 2 lectures/labs of 1.5 hr.<br />
Module 2: Security Applications<br />
Once the basic building blocks are well understood, we shall try to<br />
underst<strong>and</strong> how they are used to achieve <strong>security</strong> in communication<br />
networks, at the different levels of the protocol stack: at application<br />
layer (PGP, S/MIME, SSH,...), at the transport layer (TLS/SSL) or at<br />
the network layer (IPSec). Related to these secure protocols, we shall<br />
also explain how they can be used to create VPN’s. The use of these<br />
cryptographic <strong>security</strong> techniques alone is not sufficient to guarantee
teachers<br />
the <strong>security</strong> of computer or communication systems. System <strong>security</strong><br />
measures protecting against malware <strong>and</strong> other intrusions are also essential.<br />
This is why we shall also discuss malware protection, firewalls <strong>and</strong><br />
intrusion detection systems. And finally, as wireless networks are particularly<br />
open <strong>and</strong> vulnerable to attacks, we deal with the specific <strong>security</strong><br />
measures for wireless networks: from the defective WEP to the improved<br />
WPA <strong>and</strong> WPA2. A demonstration session will illustrate the potential risks<br />
in networks, especially in WEP secured wireless local networks.<br />
The theory presented in this module is also complemented by two lab<br />
sessions about the principles of network <strong>security</strong> <strong>and</strong> about the configuration<br />
<strong>and</strong> vulnerability of a basic wireless local network secured by WEP.<br />
Teachers: Eric Laermans, Andy Van Maele (Lab sessions)<br />
Organisation: 5 plenary sessions theory + 2 group sessions lab exercises<br />
Reference book: “Cryptography <strong>and</strong> Network Security, Principles <strong>and</strong><br />
Practices, 4th edition” by William Stallings<br />
Module 3: Advanced <strong>security</strong> configuration<br />
To those who are already more familiar with <strong>ICT</strong> <strong>and</strong> <strong>security</strong>, this module<br />
is devoted to the more advanced practical aspects of information <strong>security</strong>.<br />
In a series of 4 lab sessions, h<strong>and</strong>s-on experience will be obtained in<br />
advanced PC <strong>security</strong>, authentication services with a RADIUS server <strong>and</strong><br />
advanced <strong>security</strong> aspects of wireless networks.<br />
Teacher: Andy Van Maele<br />
Organisation: 1 plenary session theory + 4 group sessions lab exercises<br />
Module 4: Organisational aspects<br />
Security is not just a matter of technology. The organisational aspects<br />
certainly are not less important. In this module, we shall see how information<br />
<strong>security</strong> can be organised within a company: how <strong>security</strong> policies<br />
are designed <strong>and</strong> implemented <strong>and</strong> how a company can respond to <strong>security</strong><br />
incidents. Attention will also be given to the control <strong>and</strong> auditing of<br />
<strong>security</strong> policies, for which CobiT is an important st<strong>and</strong>ard.<br />
Teacher: Marc Vael<br />
Organisation: 2 plenary sessions theory<br />
Module 5: Legal aspects<br />
The <strong>security</strong> part of this course concludes with a last module about the<br />
legal aspects of <strong>security</strong>. What activities (hacking, identity theft,...)<br />
can be considered illegal What are the legal measures against computer<br />
crime Another important legal aspect of information <strong>security</strong> is the<br />
protection of personal data (of customers or employees). This module<br />
also discusses the obligations a company has to achieve an acceptable<br />
level of information <strong>security</strong>. Besides protection against attacks, we also<br />
deal with the legal framework for electronic signatures <strong>and</strong> e-commerce.<br />
Teacher: Jos Dumortier<br />
Organisation: 1 plenary session theory<br />
Scientific Coordination<br />
> Prof. dr. ir. Eric Laermans<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
> Prof. dr. ir. Piet Demeester<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
> Prof. dr. ir. Ingrid Moerman<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
Teachers<br />
> Piet Demeester<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
> Jos Dumortier<br />
ICRI, KULeuven, IBBT<br />
> Filip De Turck<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
> Eric Laermans<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
> Ingrid Moerman<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
> Marc Vael<br />
Executive Director at Protiviti Belgium, Brussels<br />
> Andy Van Maele<br />
Department of Information Technology,<br />
Ghent University, IBBT<br />
This course is organised as a cooperation between the<br />
Institute for Continuing Education (<strong>IVPV</strong>) of Ghent University<br />
<strong>and</strong> the Interdisciplinary institute for BroadB<strong>and</strong> Technology<br />
(IBBT) with the support of Agoria (Belgium employers’<br />
organisation <strong>and</strong> trade association).<br />
Extra module: Cases<br />
This module contains 1 session with 4 cases to give an overall illustration<br />
of the course topics. Subscription is free <strong>and</strong> automatically included.<br />
INSTITUUT VOOR<br />
PERMANENTE<br />
VORMING
✂<br />
subscription form<br />
Preferably via www.ivpv.ugent.be OR by using this form:<br />
Return completed <strong>and</strong> signed form (use capitals):<br />
Name: ∏ Mr. / ∏ Ms.<br />
First Name:<br />
Private address Street: Number:<br />
Zip: City: Country:<br />
Telephone:<br />
Company:<br />
Function:<br />
Company address Street:<br />
Number:<br />
Zip: City: Country:<br />
Telephone:<br />
Fax:<br />
E-mail:<br />
VAT nr:<br />
Invoice: ∏ company<br />
I will pay e<br />
Date:<br />
∏ private<br />
by means of employer/employee training cheques<br />
Signature:<br />
Your address data are incorporated by the <strong>IVPV</strong> in a database in order to be able to keep you informed of our activities <strong>and</strong> programmes. In accordance with the law from<br />
8/12/1992 safeguarding personal privacy with respect to the processing of personal data, you are entitled to examine, correct or cancel this information kept by the <strong>IVPV</strong>.<br />
Part I: Communication Networks<br />
∏ Module 1: Fixed Networks € 1100<br />
∏ Module 2: Multimedia Networks € 800<br />
∏ Module 3: Wireless Networks € 500<br />
∏ Module 4: eTom € 200<br />
∏ Modules 1 – 4 together € 2100<br />
Part II: Security<br />
∏ Module 1: Security Basics € 330<br />
∏ Module 2: Security Applications € 1100<br />
∏ Module 3: Advanced Security Configuration € 800<br />
∏ Module 4: Organisational Aspects € 330<br />
∏ Module 5: Legal Aspects € 200<br />
∏ Modules 1 – 5 together € 2200<br />
∏ All modules Part I & II € 3900<br />
Reference books<br />
∏ Computer networking - A top-down approach featuring the internet,<br />
Participation Fee<br />
The participation fee includes the tuition fee, course notes,<br />
soft drinks, coffee <strong>and</strong> s<strong>and</strong>wiches. Payment occurs after<br />
reception of the invoice. All invoices are due in thirty days.<br />
All fees are exempt of VAT; eventual transfer rates are at the<br />
expense of the participant. Reference books are billed directly<br />
by the bookshop. Special prices apply for UGent employees <strong>and</strong><br />
members of Ghent University Association (Consult the website<br />
from within the Ghent University/Association network).<br />
Group Reduction<br />
When participant(s) of a company subscribe for the equivalent<br />
of the complete course, a reduction of 20% is given to all<br />
additional subscriptions of the same company, even on single<br />
modules. Invoicing is then done by one company invoice. For<br />
larger numbers of subscriptions, additional reductions could be<br />
envisaged: please contact the <strong>IVPV</strong>-secretariat.<br />
Training cheques (‘Opleidingscheques – BEA’)<br />
Ghent University has been recognised as an official training<br />
supplier within the framework of the training cheques of the<br />
Flemish Community. Thereby you can save on the participation<br />
fee of this training (www.vla<strong>and</strong>eren.be/opleidingscheques).<br />
For employers we refer to www.BEAweb.be (authorisation ID:<br />
DV.O103 194)<br />
4 th edition by James F. Kurose & Keith W. Ross (reference work for Part I, modules 1 <strong>and</strong> 2): e 50,26 (incl. VAT).<br />
∏ Cryptography <strong>and</strong> Network Security, Principles <strong>and</strong> Practices,<br />
4 th edition by William Stallings (reference work for Part II, modules 1 <strong>and</strong> 2): e 65,72 (incl. VAT).<br />
∏ Mobile Communications, 2 nd edition by Jochen Schiller (reference work for Part I, module 3): e 63,02 (incl. VAT).
practical info<br />
Practical Information<br />
The programme consists of different modules. Each module<br />
can be followed separately. Plenary sessions (theory) are<br />
organised as follows:<br />
> 18h00-19h30: session 1<br />
> 19h30-20h00: s<strong>and</strong>wich break<br />
> 20h00-21h30: session 2<br />
Location<br />
> Plenary sessions (theory): Ghent University, Institute<br />
for Continuing Education, Campus Engineering Faculty,<br />
Building “Magnel” (nr. 904), Technologiepark, 9052<br />
Zwijnaarde, Belgium<br />
> Lab sessions: Ghent University, IBBT, Zuiderpoort Office<br />
Park, Gaston Crommenlaan 8, B-9050 Gent-Ledeberg,<br />
Belgium<br />
Language<br />
English is used in all presentations, lab exercises <strong>and</strong><br />
documentation, so a good knowledge of this language<br />
is necessary.<br />
Cancellation Policy<br />
> Cancellation should be done in writing (either letter or<br />
fax);<br />
> Cancellation can be done on individual modules or on full<br />
subscriptions;<br />
> When cancelling up to 10 days before the start of the<br />
course/module, an administrative fee of 25% on the<br />
requested payback is due;<br />
> When cancelling less than 10 days before the start of the<br />
module, the full fee is due;<br />
Information <strong>and</strong> Documentation<br />
More detailed information about the course in general or<br />
on particular modules can be found on the course website:<br />
http://www.ivpv.ugent.be<br />
The <strong>IVPV</strong> secretariat can also be contacted:<br />
Institute for Continuing Education<br />
Els Van Lierde<br />
Technologiepark 913, 9052 Zwijnaarde<br />
Tel: +32 9 264 55 82, fax: +32 9 264 56 05<br />
E-mail: ivpv@UGent.be<br />
Scheduling & Participation Fee<br />
Part I: Communication Networks Theory Lab* Fee**<br />
Module 1: Fixed Networks 10/01/08, 17/01/08, 24/01/08 12/01/08, 19/01/08, € 1100<br />
26/01/08, 02/02/08<br />
Module 2: Multimedia Networks 31/01/08, 13/02/08 16/02/08, 23/02/08, 1/03/08 € 800<br />
Module 3: Wireless Networks 21/02/08, 28/02/08, 6/03/08 € 500<br />
Module 4: eTom 13/03/08 € 200<br />
Extra Module: Cases 20/03/08 Included<br />
Part II: Security Theory Lab* Fee**<br />
Module 1: Security Basics 10/04/08, 17/04/08 € 330<br />
Module 2: Security Applications 24/04/08, 30/04/08, 8/05/08, 17/05/08, 24/05/08 € 1100<br />
15/05/08, 22/05/08<br />
Module 3: Advanced Security Configuration 29/05/08 31/05/08, 7/06/08, € 800<br />
14/06/08, 21/06/08<br />
Module 4: Organisational Aspects 5/06/08, 12/06/08 € 330<br />
Module 5: Legal Aspects 19/06/08 € 200<br />
Extra Module: Cases 26/06/08 Included<br />
Part I: all modules together € 2100<br />
Part II all modules together € 2200<br />
Part I & II, all modules € 3900<br />
Scriptics 09 225 52 02<br />
* Extra lab sessions will be organised if necessary This schedule may be subject to modification<br />
** Exempt of VAT. Eventual transfer rates are at the expense of the participant.