Quick Navigation


Psychology-Computer Science Building, Room 460
Northern Illinois University
DeKalb, IL 60115 USA

Phone: 815.753.0378
Office Hours: Monday-Friday, 8:00-Noon & 1:00-4:30pm


CSCI 650: Principles of Computer Security

In today’s “connected” world, computer and network security is becoming extremely important as the number of security incidents and severity of their impact are steadily climbing. Today, from individuals to multinationals, from a local government to United Nations face security threats to their systems from juvenile hackers to terrorist organizations. So fundamental knowledge of security issues, analysis, and available solutions should be part of undergraduate/graduate computer education curriculum. This course is intended to provide this fundamental knowledge.

This topic is of interest to not only our traditional students, it is a vital course for busy professionals who are taking advantage of our programs to enhance their credentials. With professional and family commitments, these individuals welcome the convenience of learning in their own time and getting the course credit.

Course Goals

  • Understand the terminology and issues related to computing security, vulnerabilities and exposures, and risk assessment.
  • Gain basic knowledge of technical aspects of computer security: Cryptography, Public Key Infrastructure, and Security standards and protocols.
  • Learn some practical aspects of computer security: implementation of security aspects in remote access, e-mail, web components, and software engineering.


  • General security concepts, vulnerabilities and exposures, incidents.
  • Cryptography overview:
    • Securing data with symmetric encryption (DES, AES (Rijndael), RC5, CAST IDEA).
    • Solving key distribution issues with asymmetric encryption (RSA, Diffie-Hellman, ECC, ElGamal).
    • Ensuring integrity with hashes (MD5, SHA, RIPEM.)
  • Key Management, Public Key Infrastructure.
  • Overview of Security Standards and Protocols (PKIX/PKCS, SSL/TLS, S/MIME, PGP, HTTPS, WEP).
  • Network Security:
    • Network vulnerability and attacks.
    • Network defenses, firewalls, intrusion detectors, computer forensics.
    • IPsec and VPNs, SSL, Kerberos, VPNs, wireless systems, firewalls.
  • Authentication and Authorization (Kerberos, CHAP, RADIUS, TACACS+).
  • Developing secure software applications; Hardening the operating system.