CSCI 5233-01 Computer Security & Cryptography
Fall 2018 (8/27 – 12/8 + final exam)
Time & Classroom: Tues. & Thur., 2:30 - 4:50pm (Delta 203)
Course Description: Introduction to encryption and decryption;
security mechanisms in computer architectures, operating systems, database,
networks, and introduction to security.
Prerequisite: Java Programming, CSCI 4333 and CSCI 4534, or equivalents.
Special Note: Students who have completed CSCI4323 (Computer Security) are not allowed to take this course. Instead, please consider taking CSCI5235 Network Security, CSCI5234 Web Security, or other advanced courses.
Course Objectives: This course covers fundamental knowledge related to computer security, and lays the foundation for further advanced study of security issues in computer systems and applications.
Learning Outcome:
- Understand the five security components (confidentiality,
integrity, authenticity, availability, and non-repudiability), and apply
them when evaluating a given security mechanism.
- Understand the process of developing
a secure application, including development of security policies, sample
policy languages, relationship between security policies and mechanisms,
and different types of security mechanisms.
- Understand basic cryptography
(encryption and decryption) and major cryptographic protocols,
including symmetric and asymmetric cryptography, message digests, HMAC,
digital signatures, digital certificates, key exchange, and key storage,
etc.
- Develop sample applications using
security protocols provided by a given language such as Java (JCA, JCE).
- Understand legal and ethical issues
in computer security (privacy issues, Computer Security Act, HIPAA,
etc.).
- Have an overall understanding of some
security applications, including authentication, access control, network
security, and system security.
Class Format: Lectures
are combined with discussions and, if applicable, student presentations and
discussions of advanced topics.
Effective Learning Strategies: Students are expected to be active participants, by studying
the relevant chapters and/or research papers, and participating in in-class
discussions.
- A note about Bloom's Taxonomy and your learning …

"Learning is a type of problem solving."
"The ultimate goal of learning is to learn how to learn effectively."
"The world constantly looks for problem solvers. Make yourself be useful by becoming a good problem solver."
Instructor: Dr. T. A. Yang
(office) Delta 174
(phone#) (281) 283-3835 (Please leave a message if not available.)
(email address) yang@uhcl.edu
Important notes:
- Emails without a subject line or signature will be considered as potentially malicious and be discarded. Here is a sample subject line: "CSCI5233 project #1, question 1".
- Although email messages tend to be informal, please check the grammar and spelling of your messages to ensure their legibility.
(Web site) http://cse.uhcl.edu/yang
NOTE: Find the assignments and/or projects at the Assignments & Projects page.
Office Hours: See http://cse.uhcl.edu/yang/teaching/officeHours.htm
NOTE: In addition, you are highly encouraged to send your questions to me by e-mail (yang@uhcl.edu). Try to provide sufficient details in your email message, such as the problem(s) you have encountered, the solution(s) you have tried, and the outcome you have got from these solution(s).
Teaching assistant info and office hours:
TA - Mohamed Nasardeen, Mohamed Ifthikhar
email: MohamedNasarM9652@UHCL.edu
Office Hours –
Monday: 9 AM - 1 PM
Tuesday: 8 AM - 9 AM and 4 PM - 6 PM
Wednesday: 9 AM - 12 PM
Thursday: 12 PM - 4 PM
Location – Delta 2nd floor computer lab
Note: Contact the instructor immediately if you’ve got any problem with the TA or the office hours.
Required Text:
+ Instructor's handouts in the class and/or on the Web
Recommended:
- David Hook, Beginning Cryptography with Java. Wiley, August 2005. (ISBN: 978-0-7645-9633-9. Note: Visit the publisher’s site to purchase the e-book.)
- Jess Garms and Daniel Somerfield. Professional Java Security. Wrox. 2001. (ISBN: 1861004257)
- Scott Oaks. Java Security (2nd Edition). O'Reilly Media. 2001. (ISBN: 0596001576)
- Jason Weiss. Java Cryptography Extensions: Practical Guide for Programmers. Morgan Kaufmann. 2004. (ISBN: 0127427511)
References and Resources:
- Ongoing research in UHCL related to computer security
- Past and current advanced courses related to computer security (Web Security, Network Security, Wireless security, etc.)
- UHCL’s Cyber Security Institute
Topics and Notes
NOTE: The following schedule will be followed as much as possible, although changes are probable. Always check with your instructor if you are not sure what would be covered next week.
| Week (dates) | Topics & Slides (Book: Chapters) | Due Dates |
| 1 (8/28, 30) | Syllabus; I. Fundamentals 1: Overview of computer security (Ch 1); Overview: components and mechanisms | |
| 2 (9/4, 6) | Access Control Matrix (Ch 2) | |
| 3 (9/11, 13) | Security Policies (Ch 4) | |
| 4 (9/18, 20) | II. Cryptography et al.: Basic Cryptography 1 (Ch 8) | Lab 1. By default, labs are due Tuesday (at the beginning of the class), unless otherwise specified. |
| 5 (9/25, 27) | Basic Cryptography 2 (Ch 8) + Extended Euclidean Algorithm (Ch. 31) + inverse.java (computing the inverse of a mod n, given a and n) | |
| 6 (10/2, 4) | Digital Signatures (Ch 9) | Lab 2 |
| 7 (10/9, 11) | Certificates (Ch 9) | |
| 8 (10/16, 18) | Review outline & sample exam; Midterm Exam | Midterm Exam (10/18) |
| 9 (10/23, 25) | Key Exchange (Ch 9) | |
| 10 (10/30, 11/1) | Key Storage (Ch 9) | Lab 3 |
| 11 (11/6, 8) | Cipher Techniques (Ch 10) + RSA FAQs 2.1.4 and 2.1.5 | |
| 12 (11/13, 15) | Authentication (Ch 11) | Lab 4 |
| 13 (11/20, 22) | VI. Practicum: Basics of Network Security (Ch 10); Network Security (Ch 23) | |
| 14 (11/27, 29) | System Security (Ch 24) | Lab 5 |
| 15 (12/4, 6) | HIPAA training: https://www.youtube.com/watch?v=s9znUYvVO4A; Fill out your online evaluation at https://apps.uhcl.edu/OnlineEvals | |
| Final exam | Final exam: comprehensive, open-book (Tuesday, Dec. 11, 1pm - 3pm) | Final exam |
Computer Labs
- The Windows Lab (Delta 119) is
equipped with computers that have been properly
configured to run Java applications requiring JCE and JDK.
Evaluation:
| Labs (7% each x 5) | 35% |
| Midterm Exam (closed book) | 30% |
| Final exam (open book) | 30% |
| In-class and online Participations | 5% |
| Total: | 100% |
NOTE: The accumulated points from all the categories determine a person's final grade. There will be no extra-credit projects.
Grading Scale:
| Percentile | Grade |
| 93% or above | A |
| 90% - 92% | A- |
| 87% - 89% | B+ |
| 84% - 86% | B |
| 80% - 83% | B- |
| 77% - 79% | C+ |
| 74% - 76% | C |
| 70% - 73% | C- |
| 60% - 69% | D |
| 59% or below | F |
Tests & Exams:
Both analytic and synthetic abilities are emphasized. Being able to apply the learned knowledge toward problem solving is also highly emphasized in the tests.
Unless due to an unexpected, documented emergency, no make-up exams will be given. No make-up exams will be granted once the exams have been corrected and returned to the class.
Assignments and Late Penalty:
Assignments and projects will be posted at the class web site. Assignments & projects are due before the beginning of the class on the due day. See Topics and Notes for the due dates.
After the beginning of the class on the due day, points will be deducted from late assignments: 20% for the first 24 hours after the due time, 40% for the next 24 hours, 70% for the third 24 hours, and 100% after that. No extension will be granted except for a documented emergency. Starting to work on the assignments as early as possible is always the best strategy.
Academic Honesty Policy:
Unless otherwise specified, all assignments and
projects are individual work. Students should take caution not to violate the academic
honesty policies. Check out the details at this
link.
Assignments Guidelines:
a. Identification page: All assignments must have your
name, and course name/number/section number (e.g., CSCI5233-01) at the top of
the first page.
b. Proper stapling: Staple all the pages together at
the top-left corner. NOTE: Do not use paper clips.
c. Order! Order! Arrange the solutions following the sequence of the
questions. Write the question number at the top-right corner of each page.
d. Word processing: It is required that you type your
reports (e.g., print them using a printer). Use a word processor and
appropriate typesetting and drawing tools to do the assignments. Spell-check
the whole document before printing it. You may lose points due to spelling or
grammatical errors.
Projects:
The projects will involve the design and implementation of encryption/decryption algorithms and/or application of the algorithms to real-world problems. Students are expected to employ the theories and techniques learned in the class to design the system.
Details of the projects will be made available later at Assignments & Projects.
Attendance Policy:
You are expected to attend all classes. If you ever miss a class, it is your responsibility to get hold of whatever may have been discussed in the class.
Instructor's Notes:
- Important: If you think you have lost some
points due to grading errors, make sure you approach the instructor within
a week after the assignment, project, or test is
returned to you.
- To get the most out
of this class, you need to read the textbooks and spend time using
computers regularly. Be prepared for a class by previewing the material
to be covered in that class and participate in
discussions and problem-solving exercises, if applicable, in the class.
- Due to the
intensive nature of graduate classes, 15-20 hours per week are expected of students in studying the
textbook/notes and working on the assignments, in addition to class
attendance. Expect to spend more
hours during summer sessions.
- Take detailed notes
in class. Thorough understanding of what is
covered in classes is essential for successfully passing the
exams.
Quality! It is expected that each student gives his/her best effort to
aim for high quality of his/her work.
"The quality of a person's life is in direct proportion
to their commitment to excellence, regardless of their chosen field of
endeavor." -- Vince Lombardi
"Be a yardstick of quality. Some people aren't used to an
environment where excellence is expected." -- Steve Jobs
Related Links:
- UHCL General Program Requirements: http://www.uhcl.edu/XDR/Render/catalog/archives/125/06/
- Withdrawals, Appeals, GPA, Repeated Courses, and the 6 Drop Rule: http://www.uhcl.edu/XDR/Render/catalog/archives/125/06/%23A0110#A0110
- ASSESSMENT FOR ACCREDITATION:
The School of Science and Computer
Engineering may use assessment tools in this course and other courses for
curriculum evaluation. Educational assessment is defined as the systematic collection, interpretation,
and use of information about student characteristics, educational
environments, learning outcomes, and client satisfaction to improve program
effectiveness, student performance, and professional success. This
assessment will be related to the learning
objectives for each course and individual student performance will be
disaggregated relative to these objectives.
This disaggregated analysis will not impact
student grades, but will provide faculty with detailed information that
will be used to improve courses, curriculum, and student performance.
- UHCL Disability Policy:
If you believe
that you have a disability requiring an academic
adjustment/auxiliary aid, please contact Disability Services by phone at
281-283-2648, or email disability@uhcl.edu, or go to the office
in the Student Services Building (SSCB), Room 1.302.
The University of Houston
System complies with Section 504 of the Rehabilitation Act of 1973 and the
Americans with Disabilities Act of 1990, pertaining to the provision of
reasonable academic adjustments/auxiliary aids for students with a
disability. In accordance with Section 504 and ADA guidelines, each
University within the System strives to provide reasonable academic
adjustments/auxiliary aids to students who request and require them.