Instructor | Announcements | Course Info | Class Material | Schedule | Project | Grade | General Policy | Related Links
Office Hours: After class, by appointment or email only
Richard Sinn has been teaching in the Computer Engineering and Computer Science departments at San Jose State University since 1998. He also served as Adjunct Professor at University of Minnesota. In addition to his teaching career, Richard is the Security Architect at the Real Time Communication group at Yahoo! Inc. Prior to this he held various senior positions at IBM, Oracle and different Silicon Valley startup companies. Richard is an inventor and has filed over ten invention disclosures (patents). He is also a frequent writer for various magazines and journals, and a frequent speaker at regional and national technology conferences.
Check back every now and then for updates.
Available when someone drops.
Every Tuesday 6:30pm <-----
Please consider how you set up your evaluation environments - be it homework, on-campus quizzes and exams, to minimize chances of (temptations to) cheating.
- Make sure there is plenty of space between students.
- Always proctor exams and tests, and preferably by sitting at the back of the room rather than at the front. Do not leave the testing room during the test. If you cannot proctor the class yourself, contact me and I will endeavor to find a proctor for you.
- If the test is closed-book, require all backpacks to be zipped shut, all PDAs, computers and phones to be handed in, and any access to either without explicit proctor permission should be an immediate F in the class.
For homework: We have started using on-line support systems to catch cheaters. So I would very strongly urge you:
- For code assignments: Run them all through MOSS
- For essays etc: Run them all through turnitin.com (SJSU has a site subscription, I have been told.)
- Make sure individual contributions are ensured in team projects. This can be done through various means: Sign-offs, quizzes on the content of common work, etc.
Remember: A grade reflects an evaluation of the individual student's achievements. Your evaluation system has to reflect that objective.
Network security protocols and applications, cryptography algorithms, authentication systems, intrusion detection, network attacks and defenses, system-level security issues, and how to build secure systems. Prerequisite: CmpE 206 and EE 281. This semester is programming oriented. Topics include:
Apart from big term project(s) and presentation, there are homework assignments, a mid-term exam and a final exam. Some exams might be take-home. The weightings for grading are: Term Project(s) 40%, Homework 20%, Midterm 10%, Final Exam 10%, and Team Presentation 20%.
No Late Assignment Submission. Put everything in an envelop when submit any material.
University, College, or Department Policy Information
a. Academic integrity statement (from Office of Judicial Affairs): “Your own commitment to learning, as evidenced by your enrollment at San José State University, and the University’s Academic Integrity Policy requires you to be honest in all your academic course work. Faculty members are required to report all infractions to the Office of Judicial Affairs.
b. Campus policy in compliance with the Americans with Disabilities Act: “If you need course adaptations or accommodations because of a disability, or if you need special arrangements in case the building must be evacuated, please make an appointment with me as soon as possible, or see me during office hours. Presidential Directive 97-03 requires that students with disabilities requesting accommodations must register with DRC to establish a record of their disability.”c. Policies or information required by the department, or college with which the class is associated.
Software Security Technologies, A Programmatic Approach. Course Technology, 496 pages. (Available at bookstore).
Non-Textbook: Reading material will be online on this web site before every lecture. Reading this semester:
Pick one of the references for term paper. Please spend the time to read and actually reseach (program) into the topics. The class expects a high quality research paper, not some collection of combined internet web pages ...
| Jan 27, 2009-Tue
February 3: Last Day to Drop Courses Without an Entry on Student's
Feb 3, 2009-Tue:
February 10: Last Day to Add Courses & Register Late
Feb 10, 2009-Tue:
Feb 17, 2009-Tue:
Feb 24, 2009-Tue:
Mar 3, 2009-Tue:
How to use turnitin.com
The two papers you need to submit for this class is Research paper (after the group presentation) and Term Project paper (the term project paper at the end of the semester).
Mar 10, 2009-Tue:
Mar 17, 2009-Tue:
March 23-27: Spring Recess
Project Part I consists of a document includes the following:
Mar 31, 2009-Tue: Cesar Chavez Day - Campus Closed
Apr 7, 2009-Tue:
Apr 14, 2009-Tue:
Apr 21, 2009-Tue:
Final and Presentation
Apr 28, 2009-Tue:
May 5, 2009 - Tue:
May 12, 2009 - Tue
There are two parts into the term project. Part 1 is an individual part performed by one student and part 2 is a group part performed by two group members. The name of the project is called Internet Information Exchange Hub.
Part 1 - Information Portal (individual part)
Create an information portal in the form of a web site. This information portal allows a self-service creation of a USER. Each user can store various RESOURCES securely in the information portal. Here is a list of rerquirements:
Part 2 - Internet Information Exchange
Form a group of two and create a mechansim that allows two information portals to securely exchange information between two real web sites. In other words, USERS from different web sites can exchange RESOURCE. As a group you must decide the following:
Project team has to decide on various issues such as:
As the whole class will be working on similar projects, relative grading will be used. In other words, all the projects will be ranked within the class and points will be assigned accordingly. There are two parts in the project:
Project Part I consists of a document includes the following:
Project Final Part will be covered later in class
Final Word of Warning
This is not an "easy" class and the project is an essential part of the overall grade. People who did not deliver the project well enough could really hurt their grade as the project contains more than 40% of the overall grade.
Each team will be given one topic to research and present during the semester. Mid-term and final will contain some questions related to the topics presented. The team needs to prepare the following:
The following are the possible topics:
|Data Link Layer|
|ARP/RARP||Address Resolution Protocol/Reverse Address|
|DCAP||Data Link Switching Client Access Protocol|
|DHCP||Dynamic Host Configuration Protocol|
|DVMRP||Distance Vector Multicast Routing Protocol|
|ICMP/ICMPv6||Internet Control Message Protocol|
|IGMP||Internet Group Management Protocol|
|IP||Internet Protocol version 4|
|IPv6||Internet Protocol version 6|
|MARS||Multicast Address Resolution Server|
|PIM||Protocol Independent Multicast-Sparse Mode (PIM-SM)|
|RIP2||Routing Information Protocol|
|RIPng for IPv6||Routing Information Protocol for IPv6|
|RSVP||Resource ReSerVation setup Protocol|
|VRRP||Virtual Router Redundancy Protocol|
|Mobile IP||Mobile IP Protocol|
|TALI||Transport Adapter Layer Interface|
|TCP||Transmission Control Protocol|
|UDP||User Datagram Protocol|
|Van Jacobson||compressed TCP|
|XOT||X.25 over TCP|
|BGMP||Border Gateway Multicast Protocol|
|DIS||Distributed Interactive Simulation|
|DNS||Domain Name Service|
|ISAKMP/IKE||Internet Security Association and Key Management Protocol and Internet Key Exchange Protocol|
|iSCSI||Small Computer Systems Interface|
|LDAP||Lightweight Directory Access Protocol|
|MZAP||Multicast-Scope Zone Announcement Protocol|
|NetBIOS/IP||NetBIOS/IP for TCP/IP Environment|
|COPS||Common Open Policy Service|
|FANP||Flow Attribute Notification Protocol|
|Finger||User Information Protocol|
|FTP||File Transfer Protocol|
|HTTP||Hypertext Transfer Protocol|
|IMAP4||Internet Message Access Protocol rev 4|
|IMPPpre/IMPPmes||Instant Messaging and Presence Protocols|
|IPDC||IP Device Control|
|IRC||·Internet Relay Chat Protocol|
|ISAKMP||Internet Message Access Protocol version 4rev1|
|NTP||Network Time Protocol|
|POP3||Post Office Protocol version 3|
|Radius||Remote Authentication Dial In User Service|
|RTSP||Real-time Streaming Protocol|
|SCTP||Stream Control Transmision Protocol|
|S-HTTP||Secure Hypertext Transfer Protocol|
|SLP||Service Location Protocol|
|SMTP||Simple Mail Transfer Protocol|
|SNMP||Simple Network Management Protocol|
|SOCKS||Socket Secure (Server)|
|TACACS+||Terminal Access Controller Access Control System|
|TELNET||TCP/IP Terminal Emulation Protocol|
|TFTP||Trivial File Transfer Protocol|
|WCCP||Web Cache Coordination Protocol|
|BGP-4||Border Gateway Protocol|
|EGP||Exterior Gateway Protocol|
|EIGRP||Enhanced Interior Gateway Routing Protocol|
|HSRP||Cisco Hot Standby Router Protocol|
|IGRP||Interior Gateway Routing|
|NARP||NBMA Address Resolution Protocol|
|NHRP||Next Hop Resolution Protocol|
|OSPF||Open Shortest Path First|
|TRIP||Telephony Routing over IP|
|ATMP||Ascend Tunnel Management Protocol|
|L2F||The Layer 2 Forwarding Protocol|
|L2TP||Layer 2 Tunneling Protocol|
|PPTP||Point to Point Tunneling Protocol|
|ESP||Encapsulating Security Payload|
|TLS||Transport Layer Security Protocol|
Email email@example.com to check your grade if necessary.
The university and departmental policies and deadlines for course drop will be applied. Makeup exams cannot be offered, except under exceptional conditions, such as documented serious illness/accident, etc., and only at the professor's discretion.
Each student is responsible for his/her individual assignment, and must not copy anyone else's work. Students who borrow solutions from others will find themselves unable to pass the course. The minimum penalty for every student involved in the duplication of individual assignments or exams will be receiving a zero score on the submitted work.
For group project, all the work has to be done by your OWN group. Do not try to download "free code" from the Internet and hand in as a project. WE WILL FIND OUT. Do not share your work with others. So DO YOUR OWN WORK and EARN your grade.