Number and Title of Course: CPSC6126 – Computer Security (Information Systems Assurance)

Instructor(s): Dr. Wayne Summers

Office: FOB114                                                                     Office phone: (706) 568-3057
Department phone: (706) 568-2410                                    Department FAX: (706) 565-3529
Office Hours:
10-11:50 a.m. MWF (in online chat); 1-1:50 p.m. TR (in online chat); via e-mail, net-meetings and by appointment
e-mail address: summers_wayne@ColumbusState.edu
homepage:http://csc.ColumbusState.edu/summers

 

Catalog Description of Course: Prerequisite CPSC 5157 (Computer Networks) or equivalent. This course focuses on the protection of information systems against unauthorized access to or modification of information whether in storage, processing or transit, and against the denial of service to authorized users, including those measures necessary to detect, document, and counter such threats. This course creates a sensitivity to the threats and vulnerabilities of information systems, and a recognition of the need to protect data, information and the means of protecting them; and builds a working knowledge of principles and practices in information security. (3 credits).

Required Textbook(s):

  1. Security in Computing; Charles P. Pfleeger; Prentice Hall, 2003; ISBN 0-13-035548-8
  2. The Cuckoo's Egg : Tracking a Spy Through the Maze of Computer Espionage;by Clifford Stoll;Pocket Books;ISBN 0671726889

Supplementary Books and Materials

  • Software and manuals found in the lab and on the Internet

 

Course Objectives

  1. Students will understand the major issues of information assurance.
  2. Students will be able to identify threats and vulnerabilities to information systems.
  3. Students will be able to identify data, computer and network exploits.
  4. Students will be able to identify ways to secure information, computers and networks.
  5. Students will understand the use of encryption

Major Topics

  1. Security Threats and Vulnerabilities
  2. Encryption Systems
  3. Program Security
  4. Protection in General-Purpose Operating Systems
  5. Trusted Operating Systems
  6. Data Base Security
  7. Security in Networks and Distributed Systems
  8. Administering Security
  9. Legal , Privacy and Ethical Issues in Computer Security

Instructional Methods and Techniques

  1. The class will be taught online. Learning sessions will usually be conducted via threaded discussion and will include recorded lectures on the instructor's web site. See http://cs.ColumbusState.edu/Academics/Online/OnlineInfo.asp for information on taking an online course.
  2. Students will be expected to participate in asynchronous threaded discussions.
  3. All students must have access to networked computers for doing assignments.
  4. Students will have an opportunity to use a variety of security tools to reinforce their learning of the concepts.
  5. Discussion will also be available through live chat.

Assignments for Course

  • Readings from the textbooks.
  • Outside reading from popular computing and network periodicals.
  • Readings from documents found on the Internet.
  • Several lab homework assignments with security tools.

Course Evaluation (tentative):

  • Unit Homework Assignments (question sets @ 20 pts. each) = 180 pts.
    1. These may involve hands-on activities
    2. Some activities may require working with a classmante.
  • Discussion Group, “Class Participation” (2 submissions per chapter) = 200 pts.
    1. second submission will be in response to other students comments (comments like “I agree” are not acceptable)
    2. Group discussion of concepts is a great way to learn the material. Additional discussion will be used to determine grades for students on the borderline between two letter grades.
  • Submissions to Webliography (5 annotated links per chapter) = 90 pts.
    1. 1 point if just a new link
    2. 1 point if annotation for one of my links
    3. 2 points if a new annotated link
  • One midterm test = 100 pts.
  • 1 Comprehensive FINAL EXAM = 200 pts.
  • Research paper or project = 100 pts. (topic must be approved before starting the paper/project)

Grades may be determined according to this scale:

A 90% - 100%

B 80% - 89%

C 70% - 79%

D 60% - 69%

 

General Policies

You are responsible for all class work missed, regardless of the reason for the absence(s). Late assignments will not be accepted. No makeup exams or quizzes will be given, so please make sure you are present for all exams/quizzes. Refer to the CSU Catalog (http://aa.ColumbusState.edu/advising/a.htm#Absence Policy) for more information on class attendance and withdrawal.

Academic dishonesty
Academic dishonesty includes, but is not limited to, activities such as cheating and plagiarism. It is a basis for disciplinary action. Collaboration is not permitted on assignments or exams/quizzes in this course. Any work turned in for individual credit must be entirely the work of the student submitting the work. All work must be your own. You may share ideas but submitting identical assignments (for example) will be considered cheating. You may discuss the material in the course and help one another with debugging, however, I expect any work you hand in for a grade to be your own. . A simple way to avoid inadvertent plagiarism is to talk about the assignments, but don't read each other's work or write solutions together. Keep scratch paper and old versions of assignments until after the assignment has been graded and returned to you. If you have any questions about this, please see me immediately.

For assignments, access to notes, textbook, books and other publications is allowed. Stealing, giving or receiving any code, diagrams, drawings, text or designs from another person (CSU or non-CSU) is not allowed. Having access to another person’s work on the system or giving access to your work to another person is not allowed. It is your responsibility to keep your work confidential.

No cheating in any form will be tolerated. The penalty for the first occurrence of academic dishonesty is a zero grade on the assignment or exam/quiz; the penalty for the second occurrence is a failing grade for the course. For exams/quizzes, access to any type of written material or discussion of any kind (except with me) is not allowed. (http://aa.ColumbusState.edu/advising/a.htm#Academic Dishonesty/Academic Misconduct)

 

Getting help
You can always contact me during my posted office hours, by e-mail, or by appointment.

 

CSU ADA statement
If you have a documented disability as described by the Rehabilitation Act of 1973 (P.L. 933-112 Section 504) and Americans with Disabilities Act (ADA) and would like to request academic and/or physical accommodations please contact Joy Norman at the Office of Disability Services in the Center for Academic Support and Student Retention, Tucker Hall (706) 568-2330, as soon as possible. Course requirements will not be waived but reasonable accommodations may be provided as appropriate.


                 SUGGESTED WEEKLY SCHEDULE FOR COMPUTER SECURITY

 

Lecture Topic

Homework

Week 1:

Jan 6-10

Chapter 1 – Is There a Security Problem in Computing?

Cuckoo’s Egg

Assignment 1 - Is there a Security Problem in Computing?

Week 2:

Jan 13-17

Chapter 2 – Elementary Cryptography

Cuckoo’s Egg

 

Week 3:

Jan 20-24

Chapter 2 – Elementary Cryptography

Cuckoo’s Egg

 

Week 4:

Jan 27-31

Chapter 3 – Program Security

Cuckoo’s Egg

 

Week 5:

Feb. 3-7

Chapter 3 – Program Security

Cuckoo’s Egg

 

Week 6:

Feb. 10-14

Chapter 4 – Protection in General-Purpose Operating Systems

 

Week 7:

Feb. 17-21

Chapter 4

Chapter 5 – Designing Trusted Operating Systems

 

Week 8:

Feb. 24-28

Chapter 5 – Designing Trusted Operating Systems

Midterm Exam

Week 9:

Mar. 3-7

Chapter 6 – Database Security

 

Week 10:

Mar. 10-14

Chapter 6 – Database Security

 

Week 11:

Mar. 17-21

Chapter 7 – Security in Networks

 

Week 12:

Mar. 24-28

SPRING BREAK

 

Week 13:

Mar. 31 – Apr. 4 

Chapter 7 – Security in Networks

 

Week 14:

Apr. 7-11

Chapter 8 – Administering Security

 

Week 15:

Apr. 14-18

Chapter 8 – Administering Security

 

Week 16:

Apr. 21-25

Chapter 9 – Legal, Privacy, and Ethical Issues in Computer Security

 

Week 17:

Apr. 29

Chapter 9 – Legal, Privacy, and Ethical Issues in Computer Security

 

 

 

FINAL EXAM