ITM 604: Communications Networking & Security
Professor Duchessi's AssignmentsIn the first third of the course, Professor Duchessi will give one homework assignment. Details are listed in WebCT.
Professor Goel's AssignmentsAssignments can be in-class or take-home and will be designated as individual or group assignments depending on the specific assignment. Please see the Assignments section of the course site for further details and guidelines. An example of a project is to perform a risk analysis based on a case or on in organization using the risk analysis methodology presented in the class.
Information Security Risk Assessment Project
Instructions: The end of semester project involves the use of qualitative risk analysis methodology described within the lecture and should be due May 2, 2007. This should be done based on organizations that you work for (or another real organization). Make sure to scope the work appropriately. First, collect the data on assets, threats, vulnerabilities, and controls. Use the spreadsheet provided to fill in the three matrices based on the qualitative data collected:
Compute the values of the assets for the asset-vulnerability matrix and then find relative associations between assets-vulnerabilities, vulnerabilities-threats, and threat-controls. You will need to figure out the impacts and probabilities based on the information you can gather from co-workers or other sources to come up with the best estimates possible. Remember that this information should not be the average of opinions, but should be a result of consensus. Make sure to write the reasoning behind the values you came up with similar to the case presented. Use the methodology in the lecture notes (and recommended readings) to cascade the values from one matrix to the other to compute the relative impact of different vulnerabilities, threats, and controls. You may choose any scale that you like (e.g. 0, 1, 3, 9) to reflect the associations between different parameters. Finally, compute the costs of the controls and perform a cost-benefit analysis. Please also include a 2-3 page single-spaced write-up which includes:
Assessment of the Project: The project will be assessed based on the thoroughness of the analysis as well as the rationalization provided for the different values that are input into the matrix. Students should make exhaustive lists of the assets, threats, vulnerabilities and controls and then use the ones that they deem most critical to the organization to limit the scope of the exercise.Download: risk matrices
PAPER ON SECURITY-RELATED TOPICPaper Description
Students are expected to write a paper on a security-related topic based on "Secrets & Lies: Digital Security in a Networked World" by Bruce Schneier. Each student should submit a list of three assigned chapters (in order of preference) and will be assigned one of these to write a one-paged summary.
In addition to this one-page summary, each student is expected to write a two-page write-up which expands on a topic discussed in the assigned chapter using at least 5 recent (within the last 5 years) scholarly references (e.g. journal articles, conference papers). In this second paper, discuss:
I expect you all to write things in your own words without copying from the book and the literature. I do not want any direct quote or long summary of the book or the literature (even with proper citation style). The goal of this assignment is to make sure that you are able to express your thoughts and improve your writing skills. Plagiarism defeats the purpose of this assignment and will be dealt with severely. Grammar and spelling will also be taken into consideration.
APA Style Resourceshttp://library.albany.edu/usered/style/apa.html
Writing Help AvailableThe Writing Center is located in the Humanities Building Room 140 and you can make appointments to meet with staff to go over the development and organization of your papers for 30-60 minute sessions. You can make appointments by phone at 518-442-4061. Walk-ins are possible, but it's best if you schedule ahead so that you can meet with the same staff member. They advise that you bring a draft of what you are writing in advance of the due date so that they can offer suggestions for revisions and then go over your paper after your revisions have been made.
Submission InstructionsPlease submit a single Word document with the following name format: LastName604.doc via Blackboard by 8:30am on 4/17/08. Make sure you get confirmation of your submission by email. Just uploading the file does not necessarily mean that you have submitted it. Any late papers submitted will be penalized.
Copyright © 2013, Sanjay Goel. All Rights Reserved.