CS 4235 - Summer 2007
Introduction to Information Security

Home | Syllabus | Schedule | Homework | Critiques | Project | Groups | Links


General Information

  • Class Time: Tuesday & Thursday, 2:00p - 3:45p
  • Location: Cherry Emerson 320
  • Instructor (May 15 - Jun 21): Bryan D. Payne (bdpayne@cc)
  • Instructor (Jun 21 - Aug 03): Jeff King (peff@cc)
  • Teaching Assistant: Ikpeme Erete (ikpeme@cc)

Books

The first book is the official textbook for this course. Additional readings will be provided as handouts in class. The remaining books are good sources of additional information for students, but these texts are not required.

  • Required Security In Computing (4th Edition), by Charles P. Pfleeger and Shari Lawrence Pfleeger, Prentice Hall, 2007, ISBN 0-13-239077-9
  • Computer Related Risks, by Peter G. Neumann, Addison-Wesley, 1995, ISBN 0-201-55805-X
  • Information Security Illuminated, by Mike Chapple and Michael G. Solomon, Jones and Bartlett Publishers, 2005, ISBN 0-7637-2677-X
  • Information Security: Protecting the Global Enterprise, by Donald L. Pipkin, Prentice Hall, 2000, ISBN 0-13-017323-1
  • Information Warfare and Security, by Dorothy E. Denning, Addison-Wesley, 1999, ISBN 0-201-43303-6
  • Information Security Intelligence: Cryptographic Principles & Applications, by Thomas Calabrese, Thomson Delmar Learning, 2004, ISBN 1-4018-3727-1
  • Internet Besieged: Countering Cyberspace Scofflaws, edited by Dorothy E. Denning and Peter J. Denning, Addison-Wesley, 1998, ISBN 0-201-30820-7
  • Introduction to Computer Security, by Matt Bishop, Addison-Wesley, 2005, ISBN 0-321-24744-2
  • Moving Beyond Fear, by Bruce Schneier, Springer-Verlag, 2003, ISBN 0387026207
  • Secrets and Lies: Digital Security in a Networked World, by Bruce Schneier, Wiley, John & Sons, Incorporated, 2004, ISBN: 0471453803

Course Description

This course provides a one-semester, initial overview on the topic of Information Security. It is designed to help the student of any major -- undergraduate or graduate -- understand this important priority in society today. From an external perspective, it touches on the issues surrounding the private citizens' concern for privacy, the government impact on laws and public policy, the importance of management and administration, and the place information security holds in overall business risk. Technically, the course examines the general dimension of providing security for information processing systems--secure operating systems and applications, network security, cryptography, security protocols, etc.

Course Objective

This course provides the student with a background, foundation, and insight into the full dimension of the subject of Information Security. This knowledge will serve as basis for future study in selected aspects of this important field or as an important dimension to their effectiveness in the broader computer science field. The primary objectives of the course are to:

  • Understand the importance of information security and how it affects our changing world.
  • Identify the key areas of information security and how they "work".
  • Learn how to critically analyze situations of computer use, identifying the issues, consequences, and viewpoints.

As a part of your general education, the course will also help you learn to:

  • Communicate (written and verbally) about a complex, technical topic simply and coherently.
  • Work and interact collaboratively in groups to examine, understand and explain key aspects of information security

Teaching Philosophy

"I am not the 'sage from the stage,' but the 'guide from the side'!!"

The primary purpose of this course is to help you understand threats to your information systems and how to defend against them. This is not something you can learn by instruction alone. As instructor, I can only guide and assist you. Thus, all of the class activities are designed to help you learn.

The subject is broad and complicated. Together, we will share our knowledge and experiences to explore, understand, and simplify the topic.

I make extensive use of classroom discussions based on the basic text and additional reading that I assign or you discover. I use homework and problems to reinforce skills or understanding. I use critical and analytical writing assignments to make you challenge and question what you read. You will be given many opportunities to express and defend your views regarding the impact of the subject on you, society, a business / organization, or the information system.

You will be expected to participate actively in discussions. On any given issue, you may be asked to summarize and critique reading assignments from the text or articles that you have read.

Class Participation and Attendance

Discovery does not arise from instruction but from personal engagement with the controversies and potentials of a computerized society. You have to be in class to contribute to and benefit from that personal engagement. As shown below, a quarter of your grade depends on class participation and attendance.

In this class, engagement will take several forms:

  • You will be expected to read, summarize, and interpret the articles for yourself and others.
  • You will be expected to study problems, techniques, and approaches individually and in groups, and then present your findings both orally and in writing.
  • You will be expected to critique the perspectives/opinions of both authors and classmates in discussions and position papers.

At any class period, you may be asked to summarize and critique readings from the book or elsewhere in an "elevator speech" for the class. On such occasions, you are invited to refer to notes you've made in response to the readings. You may also be quizzed on the high points of the material.

If you are unable to attend class, notify the TA by email before the period begins for consideration of an excused absence. Unexcused absences will be factored into your grade.

General Assignment Guidelines

Technical Format

Although the most important thing to do in any assignment is to show that you have thought about the topic and gained some understanding, grading also takes technical format into account.

All written assignments must be prepared using a word processor. Each assignments page count assumes a double-spaced paper set in 12 point font with the default margins of Microsoft Word (1.25" left/right, 1" top/bottom). Feel free to use other software for writing (e.g., LaTeX, Pages, etc).

Each paper should clearly identify the author(s), date, and assignment number. If the assignment discusses an article, a proper citation for that article (author, title/headline, publication name, date, and page number or URL) must be included in the paper. In addition, at least the first page of the article should be attached (photocopies are acceptable).

Writing Style

All assignments are expected to be grammatically correct with accurate spelling. All writing assignments should be proofread and corrected before submission. Incomplete sentences will not be read. For footnotes and bibliographies, students will use a standard citation style. Students are encouraged to learn and use tools such as EndNote (for Word, available for free from OIT) or BiBTeX (for LaTeX).

Late Policy

Homework and papers are due at the start of class on the due date, unless otherwise specified. Late work will be accepted, but penalized. Work not turned in by a designated final cut-off will not be considered and graded as a "zero" in numerical grading. All assignments must be turned in for a passing grade. Hardship exceptions to this policy will be considered and granted by the TA only before the assignment is due.

Academic Honesty

I recognize and fully support the Georgia Tech Academic Honor Code as presently defined for the Georgia Tech community. A copy of the Honor Code can be found at this Georgia Tech website.

All students are expected to maintain traditional standards of academic integrity by giving proper credit for all work referenced, quoted, etc. Unless otherwise stated, all work is individual work by each student.

Plagiarizing is defined by Webster's as "to steal and pass off (the ideas or words of another) as one's own: use (another's production) without crediting the source." Quote and attribute any words that are not your own. If caught plagiarizing, you will be dealt with according to the GT Academic Honor Code.

Unless specifically identified as group work; quizzes, tests, take-home-tests, homework, etc. are to be completed alone.

Grading

Your grade will be based on the following evaluated tasks:

  • Homework (25%)
  • Article Critiques (20%)
  • Class Project (30%)
  • Class Participation / Attendance / Quizzes (25%)

All assignments and projects are required for passing the course. Any assignment turned in by email that contains a virus will receive an automatic zero (Note: anti-virus software is available for free through OIT).