CSSE 240 - Principles of Cybersecurity
Winter Quarter 2023-2024
Rose-Hulman Institute of Technology

    Instructor: Sid Stamm
Office Address: Moench D207
        E-mail: stammsl@rose-hulman.edu
           Web: http://www.rose-hulman.edu/class/csse/csse340/
      Textbook: Foundations of Security (Daswani, Kern & Kesavan)

--------------------------------------------------------------------------------

Course Description:
This course introduces ethical, theoretical, and practical issues of
information security in interconnected systems of computers. Implications of
relevant professional codes of ethics are a recurring theme of the course, as
are societal and human impacts on computer system security. Foundational topics
include access control matrices and standard system models, as well as policies
for security, confidentiality, and integrity. Implementation issues include key
management, authentication, principles of secure design, representation of
identity, access control mechanisms, information flow, life cycle issues, and
formal evaluation and certification techniques. Additional topics include
malicious logic, vulnerability analysis, and auditing. Computer system attack
techniques are observed and evaluted in a closed environment to motivate and
inform discussion and exploration of computer network defense
techniques.

Students who successfully complete this course will be able to:

1. Given a set of threats, identify or design a security policy and mechanism
   in terms of confidentiality, integrity, and availability that will counter
   the threats.

2. Given a description of a system, identify and quantify threats including
   disclosure, deception, disruption, and usurpation.

3. Explain principles that guide the design of secure software.

4. Discuss current events, practices, vulnerability reports, and tools relevant
   to computer security.

5. Analyze and explain the effect malicious software could have on software or
   a computing system.

6. Explain the roles of cost-benefit analysis, risk analysis, laws and customs,
   organizational issues, and personnel issues in choosing appropriate security
   policies and mechanisms.


Course Prerequisites:
CSSE120 - Intro to Software Development
HUM H190 - First-year Writing Seminar

Course Requirements:
To earn a passing grade, you must complete homework, in-class quizzes, two
in-class exams, in-class labs (or alternate activities), participate in Class
activities, and complete a small-group research project.


Grading:
In estimating your grade, weight the work as follows:
   20% Homework and Quizzes
   30% In-class exams
   20% Labs and alternate activites
   20% Final Research Project
   10% Discussion/Participation
In general, 90-100% is an A, 80-89% is a B, 70-79% is a C, 60-69% is a D.
The above weights and percentages are a guideline that we typically follow.
Please understand that it is not a promise. We will do our best to conform to
the institute-wide grading policy described in the Grade Descriptions section
of the registrar's web page.
https://www.rose-hulman.edu/campus-life/student-services/registrar/rules-and-procedures/grades.html


Attendance/Engagement Policy
Regular PHYSICAL attendance in class meetings is expected.
When necessary, the completion of all recorded lessons is also expected.


Good Citizenship
In this class you may learn things to protect but also to exploit flaws systems
for educational purposes.  You are expected to act ethically and only use these
skills on systems when authorized by the owners of those systems. This
course in no way protects or exempts you from following policies and laws.
Don't be a jerk or a criminal.

If at any time you are uncertain if something is allowed: stop, think, and ask.


Academic Integrity
Collaboration is required on certain graded events (team presentations),
prohibited on others (individual quizzes, homework and exams), and encouraged
on the remainder. Copying is not collaboration. Working out a solution as a
group is acceptable collaboration. Each individual is responsible for
understanding the entire solution. For homework, this means that once a group
solution has been achieved, each collaborator must rework the problem and write
up the solution independently. You must properly credit your collaborators and
clearly indicate the extent of the collaboration, except where it is obvious
(e.g. team quizzes in which all team members participated roughly equally).
Failure to acknowledge collaboration can be considered cheating. You are
welcome to talk to the instructor if you have any questions regarding our
expectations.


Late Assignments
Homework and quizzes must be submitted on time to receive credit for them.


Concerns about anything?  Got a problem and can't get your assigments done on
time?  Come talk to me and we'll work something out!