This lecture is intended for students in computer science. Participants should have a working knowledge of standard cryptographic tools and mechanisms.


Security as a system,

A security framework,

Firewall architectures and types

Stateless and Stateful Packet Filters

Intermediaries and Internet Services

Buffer Overflow Attacks

Exercises in Buffer Overflow Attacks

Download the C program below and compile it (or use the compiled version). Enter the digits 123 on the keyboard and press enter. You will see a message with a marker integer which should be 0xeeee and your digits on the display. Now enter 1234 and notice how a part of the marker integer gets suddenly changed. Look at the code and see where the fourth digit is written: over a part of the marker integer. Now write 12345 on the keyboard and watch how the marker is completely destroyed. Not you can look at the assembly code of the little C program. Do you understand why the marker integer is destroyed because the allocated array is written out of bounds? Look where both the integer and the array are located.

Security Analysis

Trusted Computing Base

Attacks on Web Applications

Infrastructure Security

Web Application Security

Federated Security and Web-SSO

XML Security

Web Services Security

Usabilit and Security - why unsafe systems won't get any safer with more dialogs

Questions and Answers to Internet Security

PLEASE NOTE: this is only version 0.1 and has a long way to go