UNIK4740

=Info=
 * This course is a Master course (UNIK4740) - for "Selected Topics in Information Security in Mobile and Sensor Networks" see UNIK9740

=About the course = Sensor networks are becoming increasingly popular and data from sensors are en essential part of business models. The developments of wireless technologies such as wirelessHART, Bluetooth and ANT+ will drastically increase the use of sensors and their economic value in business decisions.

This course will introduce and discuss security aspects of mobile and wireless sensor networks. It will analyse the potential threats, and discuss security mechanisms in all layers in order to counteract on the threats. Starting from the essentials of information security, the course will use specific scenarios to analyse security in critical infrastructures. With sensors measuring almost everywhere, privacy challenges for both industrial and private data are emerging.

=Learning outcomes = Having joined the course, you will have gained an understanding of the state-of-the-art in sensor communication. Through scenarios you will have captured the security challenges, including confidentiality, integrity, availability, authentication and non-repudiation.

Based on the OSI Layer you will understand security threats in radio, in the protocols, and in the applications. Examples of countermeasures will help you to define a system with an appropriate security level.

= Topics = The course will cover the following topics:

Explore why Information Security in Mobile and Sensor Communication
 * Imagine scenarios
 * Motivation
 * Needs
 * Whats in stake, what can be compromised
 * How it can jeopardize life e.g. critical infrastructure, mobility at the expense of privacy

Mobile communication specifics
 * Nitty-gritty of communication (max 30 min as part of introduction)
 * Mobile communication
 * Access and core
 * Frequency Band

Sensor communication specifics
 * Sensor communication
 * various standards
 * secure vs non-secure
 * more sensor specific topics

Information security fundamentals (don't show, should be only 1 slide)
 * Confidentiality
 * Integrity
 * Availability
 * Authentication
 * Non-repudiation
 * OSI Layer and Security
 * Explore security in Layer 2, 3, 4 and 7
 * Deep into consequence
 * Vulnerability and threats
 * Attacks

Security in Mobile systems
 * System evolution, vague boundary between mobile network and conventional network, access and core
 * Security evolution: 1G vs 2G vs 3G vs 4G
 * Security in device and communication
 * Key generation, key storage, key distribution
 * Certificates and certificate distribution
 * PKI


 * Countermeasures
 * Standards and protocols
 * Mechanism overview

Challenges
 * open challenges

Lab work: Demonstration & practical work: use of tools
 * Mock Information security scenario for sensor/mobile
 * overview OpenSource projects in security
 * OpenSSL
 * secure client-server
 * key and certificate generation
 * encrypt and decrypt files suing openssl
 * GNU-TLS
 * test inter-operability between different tools
 * Wireshark
 * Capture packets when the communication is open vs secure
 * analyze them
 * ettercap

Suggestion

 * based on a book? or a set of papers?
 * start as PhD?
 * see details in text

= Lecture overview with keywords =

Note: recorded lecture Attach:record.png (in .wmv) works only if connected with VPN to UNIK. Streaming with mms://lux.unik.no/301 works without VPN (copy and paste the link into a browser window).