Fall 2011
ISA 562 - Information Security Theory and Practice
Monday 7:20 p.m. - 10:00 p.m.
Krug Hall 242
Dr. Michael Smeltzer
msmeltze at gmu dot edu
Office Hours: By Appointment
DESCRIPTION :
ISA 562 Course Web Page
Course Catalog: A technical introduction to the theory and practice of information security, which serves as the first security course for the MS-ISA degree, is required as a prerequisite for all subsequent ISA courses (at the 600 and 700 levels) and subsumes many topics covered by the CISSP examination. Also serves as an entry-level course available to non-ISA students, including MS-CS, MS-IS, and MS-SWE students.
PREREQUISITES :
INFS 501 - Discrete and Logical Structures for Information Systems
INFS 515 – Computer Organization
INFS 519 - Program Design and Data Structures
SWE 510 - Object-Oriented Programming in Java
The following concepts from INFS 501 will be used in the course with minimal or no instruction:
-
Discrete math notation
-
Boolean logic
-
Directed graphs
-
Functions, relations; POSets, and lattices
-
Modular Arithmetic
-
Finite State Machines (1. I will define and talk about Turing Machines
as a way to address decidability regarding security of a system. 2. I may
also touch on the subject of Formal Languages and the associated notation to
explain one of the access control models.)
TEXT:
Bishop, Matt.
Computer Security: Art and Science. Addison Wesley/Pearson. 2003. 11th Printing 2009. Errata
ADMINISTRATIVE:
UNOFFICIAL DROP DATES
Last day to drop with no tuition liability: Sep 6
Last day to drop with 33% tuition penalty: Sep 19
Last day to drop with 67% tuition penalty: Sep 30
Last day to drop with no academic liability: Sep 30
LECTURES:
| WEEK |
TOPIC |
| 8/29
|
Introduction
|
| 9/5 |
Labor Day
|
| 9/12 |
Access Control Matrix
|
| 9/19 |
Decidability of Safe Systems
|
| 9/26 |
Decidability of Safe Systems
|
| 10/3 |
Exam 1
|
| 10/10 |
Security Policies and Policy Languages
|
| 10/17 |
Bell LaPadula and LBAC/MAC
|
| 10/24 |
Integrity Policies (Biba and Clark Wilson)
|
| 10/31 |
Hybrid Policies (Chinese Wall, ORCON, RBAC)
|
| 11/7 |
Exam 2
|
| 11/14 |
Basics of Cryptography
|
| 11/21 |
Basics of Cryptography
Key Management
|
| 11/28 |
Key Management
Authentication
|
| 12/5 |
Authentication
|
| 12/19 |
Exam 3 7:30 - 9:30
|
HOMEWORK:
There will be five homework assignments, approximately one every two weeks. They will be posted on the class web page and should be printed out and handed in before class on the due date.
GRADING:
Grades will be calculated as follows:
- Normalize the 100 percentile for each component using the highest score in the class.
- Use a weighted average the individaul percentage scores to allocates points as follows:
| |
Weight |
| Exam 1 |
30% |
| Exam 2 |
30% |
| Exam 3 |
30% |
| Homework |
10% |
- Assign grades
A: 90% -100%
B: 70% - 90%
C: 60% - 70%
F: Below 60%
EXAMS:
There will be three exams which will carry equal weight. They will NOT be cumulative
-
Exam 1 - October 3
-
Exam 2 - Nov 7
-
Exam 3 - Dec 19
GMU Honor Code.
University Finals Schedule
You can NOT make up the exams, and you must take the final during the registrar's official scheduled time slot
- Coordinate your travel accordingly.
I reserve the right to compare papers submitted by students to any other papers written in this class, in another class or anywhere else by any means necessary (automated or non-automated) to identify plagerism which is a violation of the GMU Honor Code. Please notice that the Dean has identified plagiarism as a serious problem at every level of study, and any identified plagiarism will be reported to GMU as an honor code violation.
There will NOT be an option for extra credit.