T. Andrew Yang
 
Email: yang@uhcl.edu
Web page:  http://sce.uhcl.edu/yang/
Tel.: (281) 283-3835

Last updated: 08/05
CSCI5233 Computer Security & Integrity

Fall 2005  (8/22 - 12/3 + final week)
  • Check the discussion group for recent announcements & reminders.  To join the group, you'd need to have a yahoo id. To be accepted into the discusssion group, make sure that your yahoo id contains both your ffirst and last names. If you have not joined the discussion group yet, you may join at http://groups.yahoo.com/group/ComputerSecurityFall05/.
Class Notes, Topics & Schedule
- Print out the class notes and bring them to the class.
 Assignments & Projects
Announcements
Office Hour
Time & Classroom:

Sec 1: Tu. 7-9:50pm (Delta 214 Delta 204) <-- Note: Room change

Sec 2: Wed. 1-3:50pm (Delta 242)

Prerequisite:  Design of Database Systems (CSCI 4333) and Operating Systems (CSCI 4534).

Special Note: Students who have completed CSCI4931 (Select Topics: Computer Security) are not allowed to take this course. Instead, please consider taking CSCI5931 Network Security (usually offered in the spring semester) or CSCI5234 Web Security (usually offered in the fall).

Course Objectives:  Introduction to encryption and decryption; security mechanisms in computer programs, operating systems, databases, networks, administration of computer security, and legal/ethical issues in computer security.   This course provides foundation knowledge for further advanced study of security issues in computer systems and applications.

Class Format:  Lectures are combined with discussions and, if applicable, student presentations and discussions of advanced topics.  Students are expected to be active participants, by studying the relevant chapters and/or research papers, and participating at in-class discussions.

Instructor:   Dr. T. A. Yang

(office) Delta 106
(phone#) (281) 283-3835 (Please leave a message if not available.) 
NOTE: If the suite office is locked, you may use the phone outside the office to call me (by entering the extension 3835).
(email address) yang@uhcl.edu
Important note: Emails without a subject line or signature will be considered as potential viruses and be discarded.  Here is a sample subject line: "CSCI5233 project #1, question 1".
(web site)  http://sce.uhcl.edu/yang
NOTE: Find the assignments and/or projects at the  Assignments & Projects page.
Office Hours : See http://sce.uhcl.edu/yang/teaching/officeHours.htm
NOTE: In addition, you are highly encouraged to send your questions to me by e-mails ( yang@uhcl.edu). Try to provide sufficient details in your email message, such as the problem(s) you have encountered, the solution(s) you have tried, and the outcome you have got from these solution(s).

Teaching Assistant: 

Name: Pooja Nair (email: poojanair@gmail.com)

Location: PC LAB / NT LAB

Office Hours:
               Tuesday: 3 pm -- 9pm
               Wednesday: 3 pm -- 9pm
               Thursday: 4 pm -- 6pm

Required Text:

B:  Matt Bishop. Computer Security - Art and Science. Addison Wesley. 2003. (ISBN: 0-201-44099-7)
GS:

Jess Garms and Daniel Somerfield. Professional Java Security. Wrox. 2001.  (ISBN: 1861004257)

Note: You may purchase an electronic copy of the Java Security book from its current owner, APress.com, by clicking here. The cost is $20. Alternatively, you may check out the Amazon.com used book sale to find a used copy.

+ Instructor's handout in the class and/or on the Web
  • Supplemental Materials:
    • Books:
      • Pistoia, Marco, Duane F. Reller, Deepak Gupta, Milind Nagnur, Ashok Ramani, Java 2 Network Security, 2 nd Edition , Prentice Hall, 2000.
      • Rescorla, Eric, SSL and TLS: Designing and Building Secure Systems , Addison Wesley Professional, 2001.
      • Schneier, Bruce, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2 nd Edition , Wiley, 1996
  • References and Resources:

Topics and Notes 
NOTE: The following schedule will be followed as much as possible, although changes are probable.  Always check with your instructor if you are not sure what would be covered next week.

wk: dates
Topics & Slides (Book: Chapters)
Due
1: 8/23 - section 1
(8/24 - section 2)
 Syllabus
I. Fundamentals 1
- Overview of computer security ( B: Ch 1 )
2:  8/30 (8/31)
 - Java Security Introduction (GS:  Ch 1)
- Access Control Matrix (B: Ch 2)

3: 9/6 (9/7)
 - Security Policies (B: Ch 4)
 Assign 1
4 9/13 (9/14)
 II. Cryptography et. al.
- Basic Cryptography 1 (B: Ch 9)

5: 9/20 (9/21)

- Basic Cryptography 2 (B: Ch 9) + Extended Euclidean Algorithm (B: Ch. 31) + inverse.java (computing the inverse of a mod n, given a and n) + Applet for computing Extended Euclidean Algorithm
- Cryptography in Java (GS: Ch 3)

Project 1 (design)

cancelled due to hurricane

6: 9/27 (9/28)
 - Symmetric Encryption in Java (GS: Ch 4)
- Asymmetric Encryption in Java (GS: Ch 5)
 cancelled due to hurricane
7: 10/4 (10/5)

midterm exam (closed book)

- Basic Cryptography 2 (B: Ch 9) + Extended Euclidean Algorithm (B: Ch. 31) + inverse.java (computing the inverse of a mod n, given a and n) + Applet for computing Extended Euclidean Algorithm
- Cryptography in Java (GS: Ch 3)

midterm exam

Project 1 (design) <-- New date
8: 10/11 (10/12)

midterm exam (closed book) <-- New date

- Message Digest, Digital Signatures in Java (GS: Ch 6)
- Digital Signatures (B: Ch 10)

midterm exam

9: 10/18 (10/19)
 - Certificates, PKI in Java (GS: Ch 6)
- Certificates (B: Ch 10)

Project 1 final report <-- New date
* 10/24: Last day to drop a class
10: 10/25 (10/26)
 - Key Exchange (B: Ch 10)
- Key Storage (B: Ch 10) 		Project 2 (Part A)
11: 11/1 (11/2)
 - Cipher Techniques (B: Ch 11) + RSA FAQs 2.1.4 (What is a block cipher?) and 2.1.5 (What is a stream cipher?)
- Authentication (B: Ch 12)

Project 2 (Part A) <-- New

Assign 2 <-- New date

12: 11/8 (11/9)
 III. Development of Secure Systems
- Representing Identity (B: Ch 14)
13: 11/15 (11/16)
 		VI. Practicum
- The Distributed Computer Security Lab at UHCL
- Basics of Network Security (B: Ch 11)
- Network Security (B: Ch 26) 		Assign 3
14: x (x)
 Thanksgiving break; no class meeting
15: 11/29 (11/30)
 - System Security (B: Ch 27) Project 2 Part B
16: 12/6 (12/7)
 Final exam: comprehensive, open-book
   Section 1: Tues. 12/6, 7-9:50pm
   Section 2: Wedn. 12/7, 1-3:50pm
 final week

  Computer Labs & Hours

Check http://sce.uhcl.edu/computing.asp for lab information, open hours, FAQs, etc.
The Distributed Computer Security Lab at UHCL.
Evaluation:
category
percentage
assignments
15%
projects and/or presentations
20%
closed-book exams
30%
final exam
35%
NOTE:  The accumulated points from all the categories determine a person's final grade. There will be no extra-credit projects.
Grading Scale:
Percentile
Grade
93% or above
A
90% - 92%
A-
87% - 89%
B+
84% - 86%
B
80% - 83%
B-
77% - 79%
C+
74% - 76%
C
70% - 73%
C-
60%-69%
D
59% or below
F
Tests:
Both analytic and synthetic abilities are emphasized. Being able to apply the learned knowledge toward problem solving are also highly emphasized in the tests. 
Assignments and Late Penalty:
Assignments and projects will be posted at the class web site. Assignments & projects are due before the beginning of the class on the due day.  See Topics and Notes for the due dates. 

Points will be deducted from late assignments: 20% for the first 24 hours after the due time, 40% for the next 24 hours, 70% for the third 24 hours, and 100% after that. No extension will be granted except for documented emergency. S tarting to work on the assignments as early as possible is always the best strategy.
NOTE: Unless otherwise specified, all assignments and projects are individual work.  Students should take caution not to violate the academic honesty policies.  See  http://b3308-adm.uhcl.edu/PolicyProcedures/Policy.html for details.
Assignments Guidelines:

a. Identification page: All assignments must have your name, and course name/number/section number (e.g., CSCI5233-02) at the top of the first page.

b. Proper stapling:  Staple all the pages together at the top-left corner. NOTE: Do not use paper clips.

c. Order ! Order!  Arrange the solutions following the sequence of the questions. Write the question number at the top-right corner of each page.

d. W ord  processing:  It is required that you type your reports (e.g., print them using a printer). Use a word processor and appropriate typesetting and drawing tools to do the assignments. Spell-check the whole document before printing it. You may loose points due to spelling or grammatical errors. 

Projects:

The projects will involve the design and implementation of encryption/decryption algorithms and/or application of the algorithms to real-world problems .  Students are expected to employ the theories and techniques learned in the class to design the system.  

Details of the projects will be later made available at Assignments & Projects

Attendance Policy:

You are expected to attend all classes. If you ever miss a class, it is your responsibility to get hold of whatever may have been discussed in the class.
Instructor's Notes:
  • Unless due to unexpected, documented emergency, no make-up exams will be given.   No make-up exam s will be granted once the exams have been corrected and returned to the class. 
  • Important:   If you think you have lost some points due to grading errors, make sure you approach the instructor within a week after the assignment, project, or test is returned to you .  
  • To get the most out of this class, you need to read the textbooks and spend time using computers regularly.  Be prepared for a class by preview the material to be covered in that class and participate in discussions and problem-solving exercises, if applicable, in the class.
  • Due to the intensive nature of graduate classes, 15-20 hours per week are expected of students in studying the textbook/notes and working on the assignments, in addition to class attendance.   Expect to spend more hours during summer sessions.

  Go to the Index

dd   Main Page

dd   Biography

dd   Teaching

dd    Research

dd    Services

dd   Other Links