Instructor | Announcements | Course Info | Class Material | Schedule | Grade | General Policy | Related Links
Software Security Technologies
Richard Sinn has been teaching in the Computer Engineering and Computer Science departments at San Jose State University since 1998. He also served as Adjunct Professor at University of Minnesota. In addition to his teaching career, Richard is the Security Architect at the Real Time Communication group at Yahoo! Inc. Prior to this, he held various senior positions at IBM, Oracle and different Silicon Valley startup companies. Richard is an inventor and has filed over ten invention disclosures (patents). He is also a frequent writer for various magazines and journals, and a frequent speaker at regional and national technology conferences.
Tuesday 7:30PM - 10:15PM (Student Lab Time after 9:00pm)
Please consider how you set up your evaluation environments - be it homework, on-campus quizzes and exams, to minimize chances of (temptations to) cheating.
- Make sure there is plenty of space between students.
- Always proctor exams and tests, and preferably by sitting at the back of the room rather than at the front. Do not leave the testing room during the test. If you cannot proctor the class yourself, contact me and I will endeavor to find a proctor for you.
- If the test is closed-book, require all backpacks to be zipped shut, all PDAs, computers and phones to be handed in, and any access to either without explicit proctor permission should be an immediate F in the class.
For homework: We have started using on-line support systems to catch cheaters. So I would very strongly urge you:
- For code assignments: Run them all through MOSS
- For essays etc: Run them all through turnitin.com (SJSU has a site subscription, I have been told.)
- Make sure individual contributions are ensured in team projects. This can be done through various means: Sign-offs, quizzes on the content of common work, etc.
Remember: A grade reflects an evaluation of the individual student's achievements. Your evaluation system has to reflect that objective.
This will be one of the most useful classes you will ever take in software engineering. Come and learn the essentials of software security technologies.
Providing the perfect blend of basic security theory and practical software security programming, Software Security Technologies offers a valuable introduction to the field of software security. Divided into three parts, this comprehensive class encourages students to master their security skills by building on the basics. The first section of the class is devoted to fundamental security theories that govern common software security technical issues. Coverage then progresses to a focus on the practical programming materials that will teach students on how to implement security solutions using the most popular software packages. Using these theories and programming practices as a foundation, the class concludes with a section on security in practice, demonstrating how the conceptual and practical materials covered in the first two sections are applied in real-world scenarios. All of these topics are also explained in the textbook (Software Security Technologies: A Programmatic Approach ) written by the instructor using a straightforward approach, so that students can grasp the information quickly and easily, gaining the confidence they need to further develop their skills in software security technologies.
Course materials feature:
Apart from big term project(s) and presentation, there are homework assignments, a mid-term exam and a final exam. Some exams might be take-home. The weightings for grading are: Term Project(s) 40%, Homework 20%, Midterm 10%, Final Exam 10%, Team Research Presentation 10%, and Term Presentation 10%.
No Late Assignment Submission
(Original book by the instructor)
Pick one of the references for term paper. Please spend the time to read and actually reseach (program) into the topics. The class expects a high quality research paper, not some collection of combined internet web pages ...
The following are the (subset of ) topics that will be covered:
Part I - Security Theories and Concepts
Aug 28, 2007 - Tuesday
Sept 4, 2007 - Tuesday
Sept 11, 2007 - Tuesday
Sept 18, 2007 - Tuesday
Part II - Security Programming
Sept 25, 2007 - Tuesday
Oct 2, 2007 - Tuesday
Oct 9, 2007 - Tuesday
Oct 16, 2007 - Tuesday
Oct 23, 2007 - Tuesday
Oct 30, 2007 - Tuesday
Nov 6, 2007 - Tuesday
Part III - Security in Practice
Nov 13, 2007 - Tuesday
Nov 20, 2007 - Tuesday
Final and Presentation
Nov 27, 2007 - Tuesday
Dec 4, 2007 - Tuesday
Each team will be given a topics to research and present during the semester. The team needs to prepare the following:
Email firstname.lastname@example.org to check your grade if necessary.
The university and departmental policies and deadlines for course drop will be applied. Makeup exams cannot be offered, except under exceptional conditions, such as documented serious illness/accident, etc., and only at the professor's discretion.
Each student is responsible for his/her individual assignment, and must not copy anyone else's work. Students who borrow solutions from others will find themselves unable to pass the course. The minimum penalty for every student involved in the duplication of individual assignments or exams will be receiving a zero score on the submitted work.
For group project, all the work has to be done by your OWN group. Do not try to download "free code" from the Internet and hand in as a project. WE WILL FIND OUT. Do not share your work with others. So DO YOUR OWN WORK and EARN your grade.
|Richard's Recent Articles