Home / Teaching / CSC489 — Selected Topics in Computer Science (Internet and Web Application Security) — Fall 2016

CSC489 — Selected Topics in Computer Science (Internet and Web Application Security) — Fall 2016

  • Course Information 
  • Lecture Notes & Readings 
  • Individual Research 
  • Group Project 
  • Exams

 

Coures Overview

An overview of the fundamentals of Internet Security and Web Applications Security. We will see how different cryptographic primitives and algorithms are used to secure the internet and web applications. We will also discuss cryptographic protocols and their design. We will examine the security of some of the real world applications such as SSL/TLS, Wireless Security, SSH, IPSec and others. We will take web security as a case study on how many secure properties were achieved.

Prerequisite

  • Official Requirement — Completing 100 hours of the program of the undergraduate program.
  • Technical Prerequisite — Familiarity with wired and wireless computer networking and web technologies (such as http and html).
  • Course Prerequisite — You should have already taken the networks course (CSC329), the database course (CSC380), and the security course (CSC429).

If you are missing any of these requirements, you have to talk to the instructor during the first week of classes.

Class Schedule

Lectures

  • Mondays [3:00 pm – 4:50 pm].
  • Wednesdays [3:00 pm – 3:50 pm].

Tutorials

  • Wednesdays [4:00 pm – 4:50 pm].

All classes will be held at the CCIS Building (31) Room (1-A-035).

Textbook

There is no text book for the course as reading material will be provided for lectures. However, you will find the book\s below to be of great benefit:

  • Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition, Ross Anderson. [Free download from author’s page].

Grading and Assessment

  • Individual Research and Presentation (10%)
  • Group Project (35%)
  • Popup Quizzes (5%)
  • Midterm (10%)
  • Final Exam (40%)

Grade distribution is subject to change.

Academic Integrity

Academic Honesty and Ethical behavior are required in this course, as it is in all courses at King Saud University. The class will be conducted according to the policy set by KSU (لائحة تأديب الطلاب). Please take the time to read it carefully. This policy will be followed unless I provide written documentation of exceptions.

Late Policy

Missing the deadline (without a VALID and PREVIOUSLY APPROVED Excuse)

  • If you submit within an hour, you’ll loose 20% of grade.
  • If you submit within 24 hours, you’ll loose 50% of grade.
  • After that you’ll get 0% of the grade.

Missing an exam or a quiz (without a VALID and PREVIOUSLY APPROVED Excuse)

  • Will get you 0% of the grade.

Class Announcements

All the class announcements and discussions will be posted on Piazza.

Week

Monday

Wednesday

Week 1
Sep. (18-22)

N/A

  • Course Overview (pdf)

Week 2
Sep. (25-29)

  • Security Introduction (pdf)

Week 3
Oct. (2 – 6)

  • Deadline: submit a your individual research proposal (beginning of class)
  • Deadline: submit your group project proposal (beginning of class)
    • Also, submit the team contract as part of your proposal signed be each member of your group (file).
  • Presentation: for groups projects (10 min for each project)

Week 4
Oct. (9-13)

  • Presentation: for individual research (5 min for each project)

Week 5
Oct. (16-20)

No Class

No Class

Week 6
Oct. (23-27)

  • Cryptography Introduction (pdf)
  • Presentation: progress presentations groups projects (10 min for each project). This presentation should include:
    • The design of your project (e.g. software design, database design, architecture design, … etc).

Week 7
Oct. 30 – Nov. 3

Week 8
Nov. (6-10)

  • Deadline: submit individual research progress report by 23:59 hrs.

Week 9
Nov. (13-17)

Mid-Semester Break

Mid-Semester Break

Week 10
Nov. (20-24)

  • Mid-Term Exam (During class time)
  • Presentation: for groups projects — progress report (15 min for each project)
  • Presentation: for individual research (7 min each)
  • Deadline: each group member needs to submit the Group Process Evaluation Form” at the beginning of the class (file)

Week 11
Nov. 27 – Dec. 1

Week 12
Dec. (4-8)

  • Presentation: for individual research (5 min. each).

Week 13
Dec. (11-15)

Week 14
Dec. (18-22)

  • Presentation: The beta (fully-functioning) version of the project should be presented.

Week 15
Dec. (25-29)

  • Deadline: to submit your individual research final report (beginning of class)
  • Final Presentationfor individual research (10 min each + 5 min Q&A)

Week 16
Jan. 1-5

  • Deadline: to submit group project final report (beginning of class)
    • Each member needs to submit a group assessment form (file).
  • Final Presentationfor groups projects (30 min each)

  • Course review

Students’ Topics

  • TBA

Generic Information

You should work on an individual research in an area of Internet and Web Security that interests you. The outcome of your research could involve developing a proof-of-concept.

Topics sources

Timeline

  • TBA

Referencing

You should correctly cite other people’s work. This guide can give you a good introduction.

Grade Distribution

  • 10% on proposal
  • 15% on first presentation
  • 10% on first progress report
  • 30% on final presentation
  • 35% on final report.

Generic Information

You should form a group of 3 to 4 people to work on a project in an area of Internet and Web Application Security. Your project should use the concepts we studied in class to solve a problem you specify. The output of your project must include a prototype of a solution your worked on as a team to address a security concern.

Topics sources

Group Paper Work & Evaluation

  • You need to submit this team contract as part of your proposal signed be each member of your group (file).
  • Each member of the groups needs to submit to me directly the “Group Process Evaluation Form” at the beginning of the class (file). Just type your group name and submit anonymously.
  • Each member needs to submit a group assessment form (file).

Timeline

  • TBA

Suggested Tools to Use

  • Development Framework: it is recommended to use an agile methodology to implement your solution. Scrum is one of the best frameworks to use.
  • Project Management: Trello or Asana
  • Collaboration and Discussions: Slack
  • Code Version Control: Github

Grade Distribution

  • 5% on proposal
  • 5% on form submissions (individual and group forms)
  • 5% on first presentation
  • 15% on second presentation
  • 5% on first progress report
  • 35% on final presentation
  • 30% on final report.

Midterm

  • Exam will be held during class time on Wednesday November 9th (tentative).
  • Exam will be one hour long.

Final Exam

  • Date will be set by the college.