MET CS 674 C1/EL Spring 2017: DATABASE SECURITY SYLLABUS

Similar documents
Database Security MET CS 674 On-Campus/Blended

BOSTON UNIVERSITY Metropolitan College MET CS342 Data Structures with Java Dr. V.Shtern (Fall 2011) Course Syllabus

Rochester Institute of Technology Golisano College of Computing and Information Sciences Department of Information Sciences and Technologies

Advisory: Students should have already taken MICROCOMPUTER APPLICATIONS II - 431

Dr. Angela Guercio Dr. Natalia Dragan. Spring 2011

San Jose State University College of Science Department of Computer Science CS151, Object-Oriented Design, Sections 1, 2, and 3, Spring 2018

San Jose State University College of Science Department of Computer Science CS151, Object-Oriented Design, Sections 1,2 and 3, Spring 2017

CSCI 201L Syllabus Principles of Software Development Spring 2018

CS 241 Data Organization. August 21, 2018

Additionally, if you are ing me please place the name of the course in the subject of the .

Advanced Relational Database Management MISM Course S A3 Spring 2019 Carnegie Mellon University

INFS 2150 (Section A) Fall 2018

COURSE SYLLABUS ****************************************************************************** YEAR COURSE OFFERED: 2015

San José State University Computer Science Department CS157A: Introduction to Database Management Systems Sections 5 and 6, Fall 2015

INF 315E Introduction to Databases School of Information Fall 2015

USF Sarasota-Manatee - New Undergraduate Course Proposal Form

MSIS-DL 317 Syllabus. Faisal Akkawi, Ph.D. Introduction to Databases Fall 09

CMSC Introduction to Database Systems

ITSY Information Technology Security Course Syllabus Spring 2018

CS 241 Data Organization using C

San Jose State University College of Science Department of Computer Science CS185C, Introduction to NoSQL databases, Spring 2017

ITS310: Introduction to Computer Based Systems Credit Hours: 3

Course and Contact Information. Course Description. Course Objectives

CASPER COLLEGE COURSE SYLLABUS MSFT 1600 Managing Microsoft Exchange Server 2003 Semester/Year: Fall 2007

INST Database Design and Modeling - Section 0101 Spring Tentative Syllabus

PELLISSIPPI STATE COMMUNITY COLLEGE MASTER SYLLABUS ADVANCED DATABASE MANAGEMENT SYSTEMS CSIT 2550

San José State University Computer Science Department CS49J, Section 3, Programming in Java, Fall 2015

Internet Web Technologies ITP 104 (2 Units)

ISM 324: Information Systems Security Spring 2014

Sul Ross State University. Spring CS 3310 Computer Communications. Office Location: ACR 109-B Office Phone:

DIG 3110 Web Design & Interactive Media

Syllabus -- CIS Computer Maintenance / A+ Certification

Web Programming Fall 2011

Web Programming Spring 2010

CS 200, Section 1, Programming I, Fall 2017 College of Arts & Sciences Syllabus

Web Design I. CE Spring 2013 Continuing Education [Pick the date][type the sender company name]

Oklahoma State University Institute of Technology Face-to-Face Common Syllabus Fall 2017

Class Hours: Saturday Monday Address: 9000 Overland Ave., Culver City, CA :00 p.m. 4:15 p.m. Location: Building and room number

Course and Contact Information. Course Description. Course Objectives

Instructor: Anna Miller

IT 341 Fall 2017 Syllabus. Department of Information Sciences and Technology Volgenau School of Engineering George Mason University

CS 470G Introduction to Operating Systems

San Jose State University College of Science Department of Computer Science CS185C, NoSQL Database Systems, Section 1, Spring 2018

IS Spring 2018 Database Design, Management and Applications

CARTO UNIVERSITY GROUP. Syllabus GEO 445/545 Computer-assisted Cartography Winter December 18, 2013

When does RDBMS representation make sense When do other representations make sense. Prerequisites: CS 450/550 Database Concepts

ECE 467 Section 201 Network Implementation Laboratory

Introduction to Data Structures

Syllabus COSC-051-x - Computer Science I Fall Office Hours: Daily hours will be entered on Course calendar (or by appointment)

Cleveland State University

Advanced Topics in Database Systems Spring 2016

San José State University Science/Computer Science Database Management System I

San José State University College of Science / Department of Computer Science Introduction to Database Management Systems, CS157A-3-4, Fall 2017

ITSC 1319 INTERNET/WEB PAGE DEVELOPMENT SYLLABUS

X

Compilers. Computer Science 431

LIS 2680: Database Design and Applications

Syllabus. Computer Science Information Technology 975. Information Storage and Management for Computer Networks

Art 645 Introduction to Web Site Design Los Angeles City College

Operating Systems, Spring 2015 Course Syllabus

Introduction to Information Technology ITP 101x (4 Units)

IS 331-Fall 2017 Database Design, Management and Applications

CISC 3130 Data Structures Spring 2018

ITP489 In-Memory DBMS for Real Time Analytics

Computer Science Technology Department

TCOM 663/CFRS Intrusion Detection and Forensics Department of Electrical and Computer Engineering George Mason University Fall, 2010

CSCE 206: Structured Programming in C

Syllabus Revised 01/03/2018

San José State University Department of Computer Science CS-174, Server-side Web Programming, Section 2, Spring 2018

Course Syllabus MIS Foundation of Information Systems Spring Semester, Credit Hours. (Last updated: 1/16/2016)

ab Houston Community College

Department of Computer & Information Sciences. CSCI-342: Introduction to Information Security Syllabus

Compilers for Modern Architectures Course Syllabus, Spring 2015

COLLEGE OF DUPAGE CIS 2542 Advanced C++ with Data Structure Applications Course Syllabus

CS 3030 Scripting Languages Syllabus

EECE.2160: ECE Application Programming Spring 2019

Course Syllabus MIS Foundation of Information Systems Spring Semester, Credit Hours

Syllabus for CIT 442 Information System Security 3 Credit Hours Spring 2015

CMN192B OFFICE: An Overview of Access and PowerPoint

IST359 - INTRODUCTION TO DATABASE MANAGEMENT SYSTEMS

San José State University Department of Computer Science CS151, Section 04 Object Oriented Design Spring 2018

Introduction to UNIX

Introduction to Computers & Their Use

Network Security

Common Syllabus revised

Course Title: Computer Networking 2. Course Section: CNS (Winter 2018) FORMAT: Face to Face

Spring CISM 3330 Section 01D (crn: # 10300) Monday & Wednesday Classroom Miller 2329 Syllabus revision: #

Advanced Relational Database Management MISM Course F A Fall 2017 Carnegie Mellon University

Division of Engineering, Computer Programming, and Technology

VIS II: Design Communication Graphic Design Basics, Photoshop and InDesign Spring 2018

You must pass the final exam to pass the course.

PELLISSIPPI STATE COMMUNITY COLLEGE MASTER SYLLABUS WEB DESIGN FOR MOBILE DEVICES WEB Laboratory Hours: 0.0 Date Revised: Fall 2011

CS 235AM, Mobile Application Development: Android Spring 2016

Course Syllabus MIS Foundation of Information Systems Spring Semester, Credit Hours

Course Syllabus: CompTIA A+ Hardware

CPS352 - DATABASE SYSTEMS. Professor: Russell C. Bjork Spring semester, Office: KOSC 242 x4377

WAYLAND BAPTIST UNIVERSITY VIRTUAL CAMPUS SCHOOL OF BUSINESS SYLLABUS

PELLISSIPPI STATE TECHNICAL COMMUNITY COLLEGE MASTER SYLLABUS CIW JAVASCRIPT FUNDAMENTALS CERTIFICATION WEB 2391

New York City College of Technology/CUNY Department of Computer Systems Technology. CST2400 Computer System Management and Support 4 hours 3 credits

FIT3056 Secure and trusted software systems. Unit Guide. Semester 2, 2010

Transcription:

MET CS 674 C1/EL Spring 2017: DATABASE SECURITY Boston University Metropolitan College Boston Campus and elive Schedule Thursday 18:00-21:00 US Eastern Time Location Room B36 College of Arts and Sciences 725 Commonwealth Ave Instructor Andrew D. Wolfe, Jr., M.S.C.S. 808 Commonwealth Avenue, Rm 225 617-358-1984 781-405-9118 Email awolfe@bu.edu Of?ice hours 3:00-4:30 pm Thursdays at my of?ice or by prior arrangement Adobe Connect or other webconferencing by arrangement COURSE DESCRIPTION The course provides a strong foundation in database security and auditing. This course utilizes Oracle scenarios and step-by-step examples. The following topics are covered: security, pro?iles, password policies, privileges and roles, Virtual Private Databases, and auditing. The course also covers advanced topics such as SQL injection, database management security issues such as securing the DBMS, enforcing access controls, and related issues. FORMAT This course is presented in the blended or e-live format. Fourteen sessions are planned over the course of the semester. Conventional students are expected to attend every lecture. E-Live students are required to attend four plenary sessions. Each lecture, plenary or not, will be videotaped and posted to the course site in BU Blackboard Learn within a few days of the actual lecture. The lectures will also be simulcast via Adobe Connect for those students who can use it. You can also participate remotely, stating your questions or comments via audio, for example, using a microphone or headset on your computer. Plenary dates are as follows: January 19 February 23 March 23 April 27 May 11 (Projected?inal exam) OBJECTIVES The objective we share in this course is that each student understand the application of security concepts to database technology and demonstrate the ability to work hands-on. Speci?ic topic objectives are: Understand the fundamentals of security, and how it relates to information systems last revision Thursday, January 19, 2017

Identify assets in your organization and their values Identify risks and vulnerabilities in operating systems from a database perspective Learn good password policies, and techniques to secure passwords in your organization Learn and implement administration policies for users Use Oracle to create policies, pro?iles and roles Understand the various database security models and their advantages or disadvantages Learn how to implement a Virtual Private Database using views, roles, and application context Gain an overview of auditing fundamentals, and create your own auditing model Learn the purpose and use of data dictionaries, encryption and SQL injection Explore an interesting research topic of your choice related to database security PREREQUISITES You are required to have working knowledge of a DBMS. It is assumed that you have taken CS579 or CS 669, or the requirement has been waived. There will be an elementary database quiz at the Dirst session. Please contact the instructor if you use a DBMS at work, or have questions about pre-reqs. COURSE TEXTS Required Database Security and Auditing: Protecting Data Integrity and Accessibility by Hassan A. Afyouni Publisher: Course Technology; 1 edition (April 6, 2005) ISBN-10: 0619215593 ISBN-13: 978-0619215590 HOWTO Secure and Audit Oracle 10g and 11g by Ron Ben-Natan Publisher: Auerbach Publications; 1 edition (March 10, 2009) ISBN-10: 1420084127 ISBN-13: 978-1420084122 GRADING RUBRIC Subject mastery and evident hard work are the key things I am seeking in student performance. Assignments - Go the Extra Mile The speci?ic instructions for the standard assignments are, to some degree, starting points for your work. If you do only what is on the assignment, your grade will not be 100. You must demonstrate understanding by going above and beyond the assignment. The following will raise your grade to the top levels: Discussion of the meaning and use of the steps in the assignment 2 of 5

Explaining how the steps in the assignment work Adding variations in addition to the speci?ied steps of the assignment, for example, an example with a different set of permissions or an additional query to show unexplored aspects of the problem Descriptions of tradeoffs in doing the same thing in different ways Overall Grade The following is the weighting of grading criteria for this course. Participation Grades When a student participates in a class discussion I will be looking for the following qualities: Applicability to the topic under discussion Responsiveness to the points raised by others Demonstration of conceptual mastery Citation (may be informal) of pertinent materials VPD Mini-Project Evaluation The VPD lab is a substantial security project in and of itself. Because of its substantial challenges, completing each step will merit a grade of 97. Project Evaluation Criteria The term project must include a word processing document of 2000-3000 words. Powerpoint or other slide decks will not be accepted. Acceptable formats are Word, HTML, PDF. Collections of?iles, including source code, may be combined into a single ZIP-format?ile for submission. The term project should explore or present original material in database security. You may choose your own project topic or choose from a selected topic. We will be discussing project topics in class, after which you will submit the topic you want to explore. Project topics are subject to instructor approval. The following characteristics will be used to grade the term project: Application of basic security concepts to the speci?ic topic Demonstrated understanding of technologies involved Proper academic formatting including table of contents, abstract, Describe methodology Grading Rubric Category Weighting Homework and Labs 20% Quizzes 20% Term Project 20% Final Exam 20% VPD Mini-Project 10% Class and Online Participation 5% Term Project Presentation 5% 100% 3 of 5

Comprehensiveness and depth Demonstrates technology Regulations and standards Helpful contrasts Coherent References in proper format Not Required in Grade Exceptional native intelligence Substantial personal experience in topic Witty repartée Late or Missed Work In case of personal emergency or other circumstances that prevent you from ful?illing an assignment, taking a quiz or test, or attending class, please contact me before it is due. Grade penalties for late submission may be waived if you provide this level of notice along with a reasonable and credible explanation. Course grade will be penalized 10 points for each assignment that has not been submitted as of the Tinal exam. ACADEMIC INTEGRITY WRITE IT, OR CITE IT! Please download and review the Policy on Academic Conduct from the following page: http://www.bu.edu/met/for-students/met-policies-procedures-resources/academicconduct-code/ Neither the University, nor I, nor your classmates can tolerate plagiarism in any formal submission for this class. Please show appropriate respect for all by expressing your own mastery of the material in your own words, diagrams, programming, etc. When you include quotations, mark and attribute them clearly and in appropriate academic style. Contact your instructor with any questions. SCHEDULE (subject to revision) Bold Letter lectures indicate plenary sessions for which we require in-classroom attendance of e-live students. E-Live students are welcome to attend any session of the course in addition to the required plenary session. CS 674 D1/EL Calendar for Spring 2017 Session Date Topics 01+A 01-19 Introduction - Overview 02 01-26 Security Concepts, Security Architecture, Types of Attacks 03 02-02 User Creation and Administration 04 02-09 Profiles, Passwords Privileges, Roles 05 02-16 Flipped class: labs 1, 2 4 of 5

Session Date Topics 06+B 02-23 Application Security Models 07 03-02 Further authorization Spring 03-09 Spring Recess Recess 08 03-16 Virtual Private Databases 09+C 03-23 Virtual Private Databases 10 03-30 Database Auditing Models 11 04-06 Application and Data Auditing 12 04-13 Database Activity Auditing 13 04-20 Special Cases; Advanced Topics and SQL Injection 14+D 04-27 Term Project Presentations 16+F 05-11 Final Exam 05-13 Post-final - excluded topics and assignments IMPORTANT NOTES We provide a virtual machine appliance for you to use during the course. This can be operated on Windows, Linux, and Macintosh OS X. The operating system internal to the virtual machine is Linux. The virtual machine is run under the free VirtualBox application, download from http://www.virtualbox.org. 5 of 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback