COURSE NUMBER & TITLE:CSC-435 Computer Security
PREREQUISITES:CSC 430 (Data Communications) or permission of the instructor.
This course is designed for seniors and IT professionals to learn computer and network security theories and practices that can be used to significantly reduce the security vulnerability of computers on internal networks or the Internet. The course assumes some familiarity with various operating systems and computer networks. Topics include cryptography, program security, operating systems security, database security, network security, security administration, computer ethics and legal issues.
Purchase books/supplies Online at NSU Barnes & Nobles Bookstore (http://norfolkstate.bncollege.com)
The Department of Computer Science is located in Suite 320 Robinson Technology Center. The individual faculty offices are located within the suite.
This course is an advanced elective course for the Bachelor of Science degree.
|1.0 Security Basics||1.1 Meaning of Computer Security
1.3 Security Goals
1.4 Computer Crime and Criminals
1.5 Methods of Defense
|2.0 Elementary Cryptography
||2.1 Symmetric Encryption
2.2 Public Key Cryptography
2.2.3 Hash Functions
2.2.4 Key Exchange
2.2.5 Digital Signatures
2.2.6 Digital Certificates
|3.0 Program security
||3.1 Secure Programs
3.1.1 Fixing Faults
3.1.2 Unexpected Behavior
3.1.3 Types of Flaws
3.2 Non Malicious Program Errors
3.2.1 Buffer Overflows
3.2.2 Incomplete Mediation
3.2.3 Time-of-Check to Time-of-Use Errors
3.3 Viruses and Other Malicious code
3.4 Covert Channels
3.5 Controls Against Program Threats
3.5.1 Secure Software Development
3.5.2 Software Testing
3.5.3. Proof of Correctness
|4.0 Protection Mechanisms in Operating Systems||4.1 Access Control
4.2 File Protection Mechanisms
4.3 User Authentication
|5.0 Trusted System Design||5.1 Trusted Systems
5.2 Security Policies
5.2.1 Military Security
5.2.2 Commercial security policies
5.3 Trusted Operating Systems Design
5.3.2 Mandatory and Discretionary Access Control
5.3.3 Object Reuse
5.3.4 Complete Mediation
5.3.5 Trusted Path
5.3.6 Accountability and Audit
5.3.7 Intrusion Detection
5.4 Assurance in Trusted Operating Systems
5.5 Evaluation and The Common Criteria
|6.0 Database Security||6.1 Database Concepts
6.2 Security Requirements
6.3 Reliability and Integrity
6.4 Sensitive Data
6.6 Multilevel Security
|7.0 Security in Networks||7.1 Media
7.4 Threats in a Network
7.5 Network Security Controls, COMSEC
7.7 Intrusion Detection Systems
7. 8 Secure Email
|8.0 Administering Security
||8.1 Security Planning
8.2 Risk Analysis
8.3 Organizational Security Policies
8.4 Physical Security
|9.0 Legal, Ethical and Privacy in Computer Security
||9.1 Protecting Programs and Data, Information and the Law
9.2 Rights of Employees and Employers, Redress for Software failures ,Computer crime and Ethical Issues
9.3 Privacy in Computing
9.3.1 Principles and Policies
9.3.2 Privacy in Computing
9.3.3 Privacy on the Internet
9.3.4 Authentication and Privacy
9.3.5 E-mail Security
The instructor reserves the right to revise the grading criteria as appropriate and will make reasonable attempts to notify students.
Students are expected to adhere to the university's standard of conduct and the ACM Code of Ethics (http://www.acm.org/constitution/code.html). Honor code violations and ethical standards are enforced as in the Student Handbook.
The college of Science, Engineering, and Technology provides tutoring services through the STARS Tutoring Center for those NSU student who may be experiencing difficulties in Mathematics, Computer Science, Engineering, Biology, Chemistry, Nursing, Technology and Physics courses. The STARS office is located in Suite 100, RTC. This service is free of charge and provided to NSU students only. You can access information about this service by going to http://stars.nsu.edu.
In accordance with Section 504 of the Rehabilitation Act of 1973 and the Americans with Disabilities Act (ADA) of 1990, we ask if you have a disability or think you have a disability, please contact the
As part of NSU's commitment to provide the environment and resources needed for success, students may be required to participate in a number of university-wide assessment activities. The activities may include tests, surveys, focus groups and interviews, and portfolio reviews. The primary purpose of the assessment activities is to determine the extent to which the university's programs and services maintain a high level of quality and meet the needs of students. Students will not be identified in the analysis of results. Unless indicated otherwise by the instructor, results from University assessment activities will not be computed in student grades.
All first-time freshmen and readmitted students entering Fall 2001 and thereafter and transfer students entering Fall 2002 and thereafter are required to take an exit examination to assess writing competency. After completing ENG 102, students must register for ENG 299 (no credit, no charge) until successfully passing the Examination of Writing Competency. Degree-seeking students at the baccalaureate level are required to take the writing examination before completing 90 semester hours. Associate degree-seeking students must take the exam no later than one semester prior to the anticipated date of graduation. For more information, refer tot he NSU Undergraduate catalog.
A student is expected to attend all classes. The student assumes all responsibility for work missed due to an absence. Make-up work may be permitted at the discretion of the instructor. Refer to the NSU Student Handbook (https://www.nsu.edu/Assets/websites/student-affairs/student-handbook/NSU-Student-Handbook.pdf)
In an effort to keep student informed about Norfolk State University updates and account information, students must check their official NSU email account frequently. You may access your official NSU email account through the MyNSU portal at https://www.nsu.edu/mynsu/index. Once there, follow instructions provided to login to the MyNSU portal (NOTE: you access your NSU email from within the MyNSU portal).