T. Andrew Yang

Email: yang@uhcl.edu

Web:  http://cse.uhcl.edu/yang/

Tel.: (281) 283-3835 

Last updated:

 

6/7: first posted

CSCI 4323 Computer Security

summer 2021  (6/77/30)

Important Information:

o   Visit https://blackboard.uhcl.edu/ to access your classes in the UHCL’s Blackboard system.

·       For those who are new to Blackboard, visit the UHCL's Blackboard Student Support page (at https://www.uhcl.edu/computing/course-development/blackboard-student-support) to become familiar with the Blackboard app.

·       Lectures will be hosted as Blackboard Collaborate Ultra sessions. To learn about the Blackboard Collaborate Ultra:

Video: Student Collaborate Tutorial - Accessing Collaborate in Blackboard [6:07]

Video: Student Collaborate Tutorial - How to View a Recorded Session [3:29]

NOTE: The above tasks should be done as soon as possible, ideally before the start of the new semester.

o   In the Blackboard, a discussion board is available for class-related announcements and discussions. Be sure to check the posted messages at least once a day.

o   Office hours by the professor are to be offered as online sessions using Blackboard Collaborate Ultra. You are encouraged to communicate your questions or issues via emails.

o   Office hours by the TA are offered as Zoom meetings. Check the TA information for details.

o   Important notes about using emails effectively:

Emailing has become an indispensable tool in most work places.

As part of this class’s activities, you are encouraged to contact the instructor via email at yang@uhcl.edu.

Emails without a subject line or the signature line will be considered as potentially malicious and be discarded. Here is a sample subject line: "CSCI 1320 assignment #1, question 3". The signature line should have your full name and the name of the class.

Although email messages tend to be informal, please check the grammar and spelling of your messages to ensure their legibility.

o   Try to provide sufficient details in your email message, such as the problem(s) you have encountered, the solution(s) you have tried, and the outcome you have got from these solution(s).

Class Notes, Topics & Schedule

- Print out the class notes for the day and bring them to the class.

Assignments & Projects

Time of sessions

Tuesdays & Thursdays, 3:00pm – 5:50pm

Note: The online sessions will be recorded. If you ever miss any of the sessions, be sure to watch the recorded video of the class session.

Course Description: Introduction to encryption and decryption; security mechanisms in computer architectures, operating systems, database, networks, and introduction to network security.

Prerequisite: CSCI 1370 Software Development with Java, or equivalent.

Course Objectives: Introduction to encryption and decryption; security mechanisms in computer programs, operating systems, databases, networks, administration of computer security, and legal/ethical issues in computer security.   This course provides foundation knowledge for further advanced study of security issues in computer systems and applications.

 

Learning Outcome:

  1. Understand the five security components (confidentiality, integrity, authenticity, availability, and non-repudiability), and apply them when evaluating a given security mechanism.
  2. Understand the process of developing a secure application, including development of security policies, sample policy languages, relationship between security policies and mechanisms, and different types of security mechanisms.
  3. Understand basic cryptography (encryption and decryption) and major cryptographical protocols, including symmetric and asymmetric cryptography, message digests, HMAC, digital signatures, digital certificates, key exchange, and key storage, etc.
  4. Develop sample applications using security protocols provided by a given language such as Java (JCA, JCE).
  5. Understand legal and ethical issues in computer security (privacy issues, Computer Security Act, HIPPA, etc.).
  6. Have an overall understanding of some security applications, including authentication, access control, network security, and system security.

Class Format: Lectures are combined with discussions and, if applicable, student presentations and discussions of advanced topics. Students are expected to be active participants, by studying the relevant chapters and/or research papers, and participating at in-class discussions.

Life-long learning

“Education is not something you can finish.” (Isaac Asimov)

A note about Bloom's Taxonomy and your learning

(source: https://tips.uark.edu/using-blooms-taxonomy/ )

 

Instructor: Dr. T. Andrew Yang

(office) Delta 174

(phone#) (281) 283-3835 (Please leave a message if not available.)

NOTE: If the suite office (D161) is locked, you may use the phone outside the office to call me (by entering the extension 3835).

(email address) yang@uhcl.edu

Important notes:

Emails without a subject line or a signature will be considered as potentially malicious and be discarded. Here is a sample subject line: "CSCI 1320 assignment #1, question 3".

Although email messages tend to be informal, please check the grammar and spelling of your messages to ensure their legibility.

Try to provide sufficient details in your email message, such as the problem(s) you have encountered, the solution(s) you have tried, and the outcome you have got from these solution(s).

(Web site)  http://cse.uhcl.edu/yang (or http://sceweb.uhcl.edu/yang)

Teaching assistant info and office hours:

Note: Contact the instructor (yang@uhcl.edu) immediately if you have any problem with the TA or the office hours.

 

TA name: Venkata Naga Bhaavagni Maddi

Contact Information:

UHCL email id: MaddiV4951@uhcl.edu

Email Address: bhaavagni.maddi99@gmail.com

Office Hours 

Monday:        8:00 AM - 1:00 PM

Tuesday:       8:00 AM - 11:00 AM

Wednesday:  9:30 PM - 12:30 PM

Thursday:      8:00 AM - 11:00 AM

 

Zoom Link for joining office hours :

Join Zoom Meeting

https://us05web.zoom.us/j/6895538478?pwd=cU9aelgwZm1tYVEvNW1iQ1NiYjgrZz09

Meeting ID: 689 553 8478

Passcode: gELJ9W

 

Required Text:

B: Matt Bishop. Introduction to Computer Security. Addison Wesley. 2004. (ISBN: 0321247442)

D: Wenliang Du, Computer & Internet Security: A Hands-on Approach, 2nd EditionMay 1, 2019ISBN-10: 1733003932, ISBN-13: 978-1733003933.

+ Instructor's handouts in the class and/or on the Web

Resources:

·       The SEED Security Labs: https://seedsecuritylabs.org/

·       SEED Cryptography Labs: https://seedsecuritylabs.org/Labs_16.04/Crypto/

·       Computer & Internet Securityslides, problems and labs: https://www.handsonsecurity.net/resources.html

Topics and Notes
NOTE: The following schedule will be adhered to as closely as possible, although changes are probable. Always check with your instructor if you are not sure what would be covered next week.

week (dates)

Topics & Slides (Book: Chapters)

Due Dates

1 (6/8, 10)

Syllabus
I. Fundamentals

- Overview of computer security (B: 1 )

- Overview: components and mechanisms

 

2 (6/15, 17)

- Security Policies (B: 4)

Quiz 1

Lab 1 (6/17)

3 (6/22, 24)

Sample midterm exam from the past

Test #1

II. Cryptography et. al.

- Symmetric Cryptography 1 (B: 8, D: 21)

Test #1 (6/22)

 

4 (6/29, 7/1)

- Asymmetric Cryptography 2 (B: 8, D: 23) + Extended Euclidean Algorithm (B: 31) + inverse.java (computing the inverse of a mod n, given a and n)

Quiz 2

 

Lab 2 (7/1)

5 (7/6, 8)

- Certificates (B: 9, D: 24)

Quiz 3

 

6 (7/13, 15)

Test #2

- Key Exchange (B: 9)

Test #2 (7/13)

 

Lab 3 (7/15)

7 (7/20, 22)

- Key Exchange (B: 9), continued

Quiz 4

 

Lab 4 (7/22)

8 (7/27, 29)

-       Review for the final exam: a sample final exam from the past

-       Before the final exam, take your online evaluation at https://apps.uhcl.edu/OnlineEvals

Quiz 5

 

Final Exam (7/29)

 

Evaluation:

Category

Percentage

Take-home labs (5% each x 4)

20%

Tests (15% each X 2)

30%

Quizzes (5% each X 4)

20%

Final exam

25%

Participation +++

5%

Total:

100%

++ Attendance Policy: You are expected to attend all classes. If you have ever missed an online session, be sure to watch the recorded session to learn what had been covered. It is your responsibility to get hold of whatever may have been discussed in the class.

+++ Class Participation: Participating in the class is expected. You should ask or answer questions during the in-class or online discussions.

Quizzes, Tests, and Exams:

In general, one quiz will be administered during the class sessions each week (except for those weeks when a test or exam is administered).

Questions asked in a quiz are related to the most recently discussed topics.

The instructor will pick the top 4 of your quizzes when calculating your grade for the quiz category.

No make-up quiz will be given.

Unless due to unexpected, documented emergency, no make-up tests or exams will be given.

Assignments and Late Penalty:

Assignments will be posted at the class web site as well as in the Blackboard. The due date and time of each assignment is specified when it is published in the Blackboard.

A late assignment will not be graded. No extension will be granted except for documented emergency. Starting to work on the assignments as early as possible is always the best strategy.

 

Assignments Guidelines:

1)     Identification page: All assignments must have your name, and course name/number/section number (e.g., CSCI 1320-02) at the top of the first page.

2)     Proper organization of submitted material: If your submission include multiple documents, combine all of them into a single document (for example, a single PDF or ZIP).

3)     Order! Order! Arrange the solutions following the sequence of the questions. Write the question number at the top-right corner of each page.

4)     Word processing: It is required that you type your reports (e.g., print them using a printer). Use a word processor and appropriate typesetting and/or drawing tools to do the assignments. Spell-check the whole document before printing it. You may lose points due to spelling or grammatical errors. 

NOTE: When a grade is assigned, the grade can only be appealed within a week after the grade has been posted.

A note about problem-solving:

An important part of problem solving is correct understanding of the given problem.

-        Try to have a good grasp of the problem before starting the process of finding the solution(s).

-        Use any resources, including the instructor, the TA, your classmates/friends, and online resources to ensure that you have correctly understood the given problem.

-        While trying to figure out the solution(s), continue to verify your understanding of the problem.

-        Read the given instructions carefully before taking any action; while preparing your solutions, be sure to follow the given instructions.

Grading Scale:

The accumulated points from all the categories determine a person's final grade. There will be no extra-credit projects.

Percentile

Grade

 

Percentile

Grade

90% or above

A

 

70% - 73%

C

87% - 89%

A-

 

67% - 69%

C-

84% - 86%

B+

 

64% - 66%

D+

80% - 83%

B

 

60% - 63%

D

77% - 79%

B-

 

57% - 59%

D-

74% - 76%

C+

 

Less than 57%

F

Exemption from the final exam:

Students who have performed fantastically well before the final exam may be exempted from taking the final exam. In general, students who have obtained an A grade before the final exam will be considered for such an exemption. However, it is up to the instructor to decide whether a person would be exempted, based on the overall performance.

Academic Honesty Policy:

NOTE: Unless otherwise specified, all assignments, projects, quizzes, tests and exams are individual work.

Students should take caution not to violate the academic honesty policy specified by the university.

Per the UHCL academic honesty policy, plagiarism is defined as follow.

Plagiarism:

a. Incorporating the work or idea of another person into one’s own work without acknowledging the source of that work or idea.

b. Attempting to receive credit for work performed by another person, including papers obtained in whole or part from individuals or other sources.

c. Copying copyrighted computer programs or data files belonging to someone else.

Instructor's Notes:

o   Important: If you think you have lost some points due to grading errors, make sure you approach the instructor within a week after the assignment, project, or test has been graded.

o   To get the most out of this class, you need to read the textbooks and spend time using computers regularly. Be prepared for a class by previewing the material to be covered in that class and participate in discussions and problem-solving exercises, if applicable, in the class.

o   Understanding what are covered in classes and taking notes are essential for successfully passing the exams.

o   As a student being trained to become a professional person, you are expected to behave according to the professional codes of conduct (e.g., the IEEE Code of Conduct) or code of ethics (e.g., the ACM Code of Ethics).

As a starting point, listed below are some of the common behaviors that do not conform to the codes of ethics:

·       Being regularly late for the class.

·       Chatting with another person while the instructor or someone is giving a speech in class.

·       Being regularly late when submitting assignments.

·       Asking the instructor or the TA for a favor when submitting a late assignment.

·       Checking out others’ answers during an exam.

·       Continuing to write when an exam’s time is up, or submitting an online exam past the due time.

·       Violating academic honesty when working on the assignments or exams.

·       Using others’ write-up without proper citing when writing a paper or report.

·      

Related Links:

·       UHCL General Program Requirements: https://catalog.uhcl.edu/current/

 

·       Withdrawals, Appeals, GPA, Repeated Courses, and the 6 Drop Rule: https://www.uhcl.edu/registrar/enrollment/six-drop-rule

 

·       ASSESSMENT FOR ACCREDITATION:

The School of Science and Computer Engineering may use assessment tools in this course and other courses for curriculum evaluation.  Educational assessment is defined as the systematic collection, interpretation, and use of information about student characteristics, educational environments, learning outcomes, and client satisfaction to improve program effectiveness, student performance, and professional success. This assessment will be related to the learning objectives for each course and individual student performance will be disaggregated relative to these objectives.  This disaggregated analysis will not impact student grades, but will provide faculty with detailed information that will be used to improve courses, curriculum, and student performance.

·       UHCL Disability Policy:

If you believe that you have a disability requiring an academic adjustment/auxiliary aid, please contact the Accessibility Support Center by phone at 281-283-2648, or email disability@uhcl.edu, or go to the office in the Student Services Building (SSCB), Room 1.302.

The University of Houston System complies with Section 504 of the Rehabilitation Act of 1973 and the Americans with Disabilities Act of 1990, pertaining to the provision of reasonable academic adjustments/auxiliary aids for students with a disability. In accordance with Section 504 and ADA guidelines, each University within the System strives to provide reasonable academic adjustments/auxiliary aids to students who request and require them.

 

Go to the Index

 

The documentation below contains language approved by the Office of General Council from UH System for inclusion in all syllabi. 

 

Syllabus Changes (required for all courses)

 

Due to the changing nature of the COVID-19 pandemic, please note that the instructor may need to make modifications to the course syllabus and may do so at any time. Notice of such changes will be announced as quickly as possible through (specify how students will be notified of changes).

 

Recording of Class (required for all courses)

 

Students may not record all or part of class, livestream all or part of class, or make/distribute screen captures, without advanced written consent of the instructor. If you have or think you may have a disability such that you need to record class-related activities, please contact the Accessibility Support Center. If you have an accommodation to record class-related activities, those recordings may not be shared with any other student, whether in this course or not, or with any other person or on any other platform. Classes may be recorded by the instructor. Students may use instructor’s recordings for their own studying and notetaking. Instructor’s recordings are not authorized to be shared with anyone without the prior written approval of the instructor. Failure to comply with requirements regarding recordings will result in a disciplinary referral to the Dean of Students Office and may result in disciplinary action.

 

Face Covering Policy (required for courses with a face-to-face component)

 

To reduce the spread of COVID-19, UHCL requires face coverings on campus including classrooms for both faculty and students.  Face coverings must cover your mouth and nose and be worn throughout the class session.  A mask with a valve is not considered an adequate face covering and should not be used, as it can expel exhaled air, increasing the risk to others. Eating or drinking during class is discouraged and is not an excuse for removing the face covering for any extended length of time.  Failure to comply with the requirement to wear a face covering in class will result in your being asked to leave the classroom immediately and a disciplinary referral through the Dean of Students Office. Exceptions will also be made for those individuals who, due to a specific medical condition, cannot wear a face covering and have received an accommodation. Requests for an exception due a medical condition for students will be handled by the Accessibility Support Center.

 

Required Daily Health Self-Assessment (required for courses with a face-to-face component; recommended for all courses)

 

Your presence in class each session means that you have completed a daily self-assessment of your health/exposure and you:

o   Are NOT exhibiting any Coronavirus Symptoms

o   Have NOT tested positive for COVID-19

o   Have NOT knowingly been exposed to someone with COVID-19 or suspected/presumed COVID-19

If you are experiencing any COVID-19 symptoms that are not clearly related to a pre-existing medical condition, do not come to class. Please complete COVID-19 Report of Diagnosis/Symptoms. If you believe you may have been exposed please complete COVID-19 Report of Exposure.

 

Helpful Links:

 

COVID-19 Updates: https://www.uhcl.edu/health-alert/

 

Online Learning Assistance and Reimbursement Program (OLARP): https://www.uhcl.edu/dean-of-students/emergency-assistance/online-learning-assistance

 

Go to the Index