Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Information Security Analytics Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course Course Outline June 1: Introduction to Security, Data and Applications Security June 8: Security Governance and Risks / Data mining overview June 15: Access Control / Access control and policy for data management June 22: Security architecture / Access control for web services and the cloud June 29: Cryptography / Secure XML Publishing July 6: Network Security / Physical Security /Review for exam July 13: Exam #1 July 20: Applications Security / Secure Data Architectures; Insider Threat Detection/ July 27: Legal Aspects, Forensics August 3: Operations Security, Disaster Planning August 10: Special Topics, Exam #2 Text Book CISSP All-in-One Exam Guide, Fifth Edition Author: Shon Harris Hardcover: 1216 pages Publisher: McGraw-Hill Osborne Media; 5 edition (January 15, 2010) Language: English ISBN-10: 0071602178 ISBN-13: 978-0071602174 Course Rules Unless special permission is obtained from the instructor, each student will work individually. Copying material from other sources will not be permitted unless the source is properly referenced. Any student who plagiarizes from other sources will be reported to the Computer Science department and any other committees as advised by the department No copying of anything from a paper except for about 10 words in quotes. No copying of figure even if it is attributed. You have to draw all figures. COURSE ATTENDANCE IS MANDATORY Course Plan Exam #1: 20 points – July 13 Exam #2: 20 points - August 10 Two term papers 10 points each: Total 20 points - July 6, July 27 Programming project : 20 points - August 3 Two Assignments: 10 points each: Total: 20 points - June 30 – July3, July 20 Assignment #1 Explain with examples the following - Discretionary access control - Mandatory access control - Role-based access control (RBAC) - Privacy aware role based access control - Temporal role based access control - Risk aware role-based access control - Attribute-based access control - Usage control (UCON) Term Paper #1 Write paper on Identity Management for Cloud Computing - Identity Management - Cloud Computing security challenges - Apply identity management to cloud computing - Directions Assignment #2 Suppose you are give the assignment of the Chief Security Officer of a major bank (e.g., Bank of America) or a Major hospital (e.g., Massachusetts General) Discuss the steps you need to take with respect to the following (you need to keep the following in mining: Confidentiality, Integrity and Availability;; you also need to understand the requirements of banking or healthcare applications and the policies may be: - Information classification - Risk analysis - Secure networks - Secure data management - Secure applications Term Paper #2 Write paper on any topic discussed in class (that is, any of the 10 CISSP modules) Contact For more information please contact - Dr. Bhavani Thuraisingham - Professor of Computer Science and - Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080 - Phone: 972-883-4738 - Fax: 972-883-2399 - Email: [email protected] - URL: - http://www.utdallas.edu/~bxt043000/ Project Software Design document - Project description - Architecture (prefer with a picture) and description (software – e.g., Oracle, Jena etc.) - Results - Analysis - Potential improvements - References Paper: Original – you can use material from sources, reword (redraw) and give reference Abstract Introduction Body of the paper - Comparing different approaches and analyzing - Discuss your approach, - Survey Conclusions References - ([1]. [2], - - -[THUR99]. - Embed the reference also within the text. - E.g., Tim Berners Lee has defined the semantic web to be -[2]. -- Index to Exam #1 Lecture 1: Introduction to Info Systems Security Lecture 2: Data Mining for Malware Detection* (1) Lecture 3: Governance and Risk ** (2) Lecture 4: Data Mining Overview Lecture 5: Access Control* (1) Lecture 6: Access Control and Policy for data * (1) Lecture 7: Security Architecture* (1) Lecture 8: Secure Web Services* (1) Lecture 9: Secure Cloud* (1) Lecture 10: Cryptography* (1) Lecture #11: Secure publication of XML data * (1) Extra credit: One or two questions on any one of the above Papers to Read for Exam #1 Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M. Thuraisingham, Amar Gupta: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): 1263-1278 (2004) Expert on Cloud technologies Vaibhav Khadilkar [email protected] Index to Exam #2 Lecture 12: Network Security Lecture 13: Physical Security Lecture 14: Assured Cloud Computing (extra credit) Lecture 15: Data and Applications Security Lecture 16: Multilevel Secure Data Management Lecture 17: Insider Threat Lecture 18: Business Continuity Planning Lecture 19: Operations Security Lecture 20: Legal Aspects Lecture 21 Digital Forensics Lecture 22: Privacy Lecture 23: NIST/NVD Lecture (extra credit)