TELCOM 2825: Information Systems and Network Infrastructure Protection Spring 2009   The nation’s demand for and dependence on computer and communication services has resulted in information systems and communication networks (e.g., Internet, PSTN, cellular, etc.) becoming a part of the nation’s critical infrastructure.   In this course we cover techniques for the protection and survivability of information systems and networks. The goal of infrastructure protection is for the system to remain operational and provide adequate service in the face of attacks and faults. Topics include a review of the US government Infrastructure Protection Strategy, risk assessment and management techniques, system vunerability/reliability/availability analysis, intrusion detection techniques, survivability and fault tolerance principles, survivable communication network design techniques, traffic restoration schemes, interaction between survivability and security policies. Prerequisites: Basic Networking Course (Telcom 1004 or 2000)  and helpful  but not required (Intro to Security)   1. Instructor: Dr. David Tipper,  Associate Professor of  Telecommunications                          Office:  749  IS Building                          Phone: (412) 624-9421                          Email: dtipper@mail.sis.pitt.edu                          Web page: http://www.sis.pitt.edu/~dtipper/tipper.html                          Office hours: Monday: 1:30  - 3:00 p.m,   Wednesday: 1:30 - 3:.00 p.m. or by appointment   2. GSA:         None – see the instructor  for help with the homework                        3.Textbook:   Critical Infrastructure Protection in Homeland Security, T.Lewis,  March, 2006.                          Critical Information Protection, GAO, Nova Science Publishers, 2008.                          References:    Critical Infrastructure Protection II, M. Papa, Springer Singapore, 2008                          Critical Information Infrastructures: Resilience and Protection,  M. Hyslop, Springer-Verlag, 2007                           Management of Information Security, M. Whitman and H. Mattord,  Couse Technology, 2004.                          Readings and Cases in the Management of Information Security,  M. Whitman and H. Mattord, Course Technology, 2005                          Managing Information Security Risks: The OCTAVE Approach, C. Alberts and A. Dorofee, Addison Wesley, 2003                            Network Recovery, J.P.Vasseur, M. Pickavet, and P. Demeester, Morgan Kaufmann, 2004                          Mesh-Based Survivable Networks, W. Grover,  Prentice-Hall, 2004                          Information Security Risk Analsis, T. Peltier, CRC Press, 2001.                          4.  Course Outline and Class Notes   5. Grading: Homework                      30%                        Project                            35%                        Exam                               35%    6. Policies All work must be the student's own unless collaboration is explicitly permitted Late assignments will not be accepted unless there are exceptional circumstances. Homework is due ONE week after it is assigned unless otherwise mentioned. Homework and reading will be assigned every week unless otherwise mentioned. Check for homework on the web page even if it is not explicitly mentioned in class Students are responsible for doing the labs and submitting the reports to the instructor Check for lab instructions and changes on the web page regularly Keep checking the web page for other changes regularly All written work must be legible and clear to receive credit.