CPSC6136 - Advanced Systems Security Assignments


Assignment 0 - Introduction
Assignment 1 - An Overview of Computer Security
    Hands-on Lab 1 - Footprinting the network
Assignment 2 - Security Policies
    Hands-on Lab 2 - Acceptable Internet usage policy
Assignment 3 - Confidentiality & Integrity Policies
Assignment 4 - Basic Cryptography & Key Management
Assignment 5 - Cipher Techniques and Authentication
    Hands-on Lab 3 - Security Policy Review
Assignment 6 - Design Priciples & Representing Identity
Assignment 7 - Access Control Mechanisms
Assignment 8 - Information Flow & Confinement Problem
Assignment 9 - Introduction to Assurance
    Hands-on Lab 4 - Building Systems with Assurance    (Setting up the VPN client video)
VPN client (14 Meg zip file)
Assignment 10 - Evaluating Systems
Assignment 11 - Malicious Logic & Vulnerability Assessment
    Hands-on Lab 5 - Vulnerability Assessment
Assignment 12 - Auditing and Intrusion Detection
Assignment 13 - Network Security & Social Engineering
Assignment 14 - System Security & Social Engineering
Assignment 15 - User Security & Social Engineering

 

PROJECTS
One of the major requirements for this course is a computer security project or research paper. You will be expected to submit your project in either HTML format suitable for publication on the Internet or Powerpoint. I have listed some example topics below. You may design your own project, but it must be approved by me first. You may work in groups of two on large projects with prior approval.

You must email me your topic by October 22, 2005.
The completed project must be submitted to the Dropbox in WebCT no later than 11:59 p.m. on December 2, 2005. I would like to have a discussion of these projects during the last two weeks of class.
I will be available for help with this projects.

Possible Projects include:

  • PDA's & Security - Zaurus Case Study - Barbara Fox
  • Security Issues in using Microsoft Virtual PC - James Carlisle
  • Installation of a Radius server and client - Chris Coleman
  • Compare and Recommend email security solutions (e.g., PGP, PEM) - Robert Cross
  • setting up a PKI: including CA and RA to generate certificates - Quanxing Zhang
  • Design of a Security and Assurance of Information Lab (SAIL) (e.g. Creating a Security Laboratory Environment for Education, Research and Outreach)
  • Comparative analysis of different intrusion detection and intrusion prevention systems.
  • Develop a security policy for your company / institution (must be a significant enhancement if you already have one). -
  • Compare and Recommend internet security (e.g., SSL)
  • Compare and Recommend message digests (e.g., MD5, SHA, HMAC) tools

Possible Papers include:

  • Location-based Authentication - Alan Hughes
  • Disaster Planning and Recovery
  • Risk Assessment / Management
  • Sarbane-Oxley
  • FERPA
  • HIPPA
  • PKI
  • Secure / Robust Programming
  • Voting Systems Security
  • Key Management Systems
  • Ipv6 Security
  • Common Criteria
  • SSE-CMM
  • Vulnerability Management
  • Write asset inventory policy
  • Write database security feature use policy
  • Write systems interconnection policy
  • Write careless/disgruntled employee monitoring policy
  • Write computer network attack policy
  • Write data aggregation policy
  • Write human threat policy
  • Write security review policy
  • Write social engineering monitoring policy
  • Write facility management policy
  • Write EMSEC/TEMPEST policy
  • Write threat assessment plan
  • Write threat assessment policy
  • Computer crime and various methods used to commit computer crime
  • Computer law and various methods to prevent computer crime
  • Privacy Act and how it pertains to security
  • Patriot Act and how it pertains to privacy and security
  • Identification and Authentication (I&A) Policy
  • Monitoring and Auditing Policy

I expect these papers/presentations to be graduate quality. This means you need to do a serious amount of research in the area and formulate your ideas based on your research. Be sure to cite all of your sources of information.

Your grade will be determined using the following:

  1. Professionalism and Standards (10%)
  2. Organization and Design(10%)
  3. Spelling, Grammar, and Accuracy (10%)
  4. Content (70%)

Click here to return to Wayne's World's homepage: return to Wayne's World


written by Wayne Summers summers_wayne@ColumbusState.edu