TELCOM 2825: Information Systems and Network Infrastructure Protection Fall  2007   The nation’s demand for and dependence on computer and communication services has resulted in information systems and communication networks (e.g., Internet, PSTN, cellular, etc.) becoming a part of the nation’s critical infrastructure.   In this course we cover techniques for the protection and survivability of information systems and networks. The goal of infrastructure protection is for the system to remain operational and provide adequate service in the face of attacks and faults. Topics include risk assessment and management techniques, system vunerability/reliability/availability analysis, intrusion detection techniques, survivability and fault tolerance principles, survivable communication network design techniques, traffic restoration schemes, interaction between survivability and security policies. Prerequisites: Basic Networking Course (Telcom 1004 or 2000)  and  Security Course  (preferably Intro to Security)   1. Instructor: Dr. David Tipper,  Associate Professor of  Telecommunications                          Office:  749  IS Building                          Phone: (412) 624-9421                          Email: dtipper@mail.sis.pitt.edu                          Web page: http://www.sis.pitt.edu/~dtipper/tipper.html                          Office hours: Monday: 1:30  - 3:00 p.m,   Wednesday: 1:30 - 3:.00 p.m. or by appointment   2. GSA:         Korn Vajanapoom                        Office: SIS 716                        Phone: (412) 624-9197                        Email: k_vajanapoom@hotmail.com                        Office hours: Tuesday 2:00-4:00 p.m   3.Textbook:   Critical Infrastructure Protection in Homeland Security, T.Lewis,  March, 2006.                          Management of Information Security, M. Whitman and H. Mattord,  Couse Technology, 2004.                          Readings and Cases in the Management of Information Security,  M. Whitman and H. Mattord, Course Technology, 2005                          Managing Information Security Risks: The OCTAVE Approach, C. Alberts and A. Dorofee, Addison Wesley, 2003                            Network Recovery, J.P.Vasseur, M. Pickavet, and P. Demeester, Morgan Kaufmann, 2004                          Mesh-Based Survivable Networks, W. Grover,  Prentice-Hall, 2004                          Information Security Risk Analsis, T. Peltier, CRC Press, 2001.                          4.  Course Outline and Class Notes   5. Grading:   Homework                            30%                        Project                                   35%                        Exam                                      35%    6. Policies All work must be the student's own unless collaboration is explicitly permitted Late assignments will not be accepted unless there are exceptional circumstances. Homework is due ONE week after it is assigned unless otherwise mentioned. Homework  and reading will be assigned every week unless otherwise mentioned. Check for homework on the web page even if it is not explicitly mentioned in class Students are responsible for doing the labs and submitting the reports to the instructor Check for lab instructions and changes on the web page regularly Keep checking the web page for other changes regularly All written work must be legible and clear to receive credit.