Computer and Network Security - Assignment 1 | CS 4237, Assignments of Cryptography and System Security

Material Type: Assignment; Professor: Lee; Class: Comp & Network Security; Subject: Computer Science; University: Georgia Institute of Technology-Main Campus; Term: Fall 2007;

Typology: Assignments

Pre 2010

Uploaded on 08/05/2009

koofers-user-a90-1
koofers-user-a90-1 🇺🇸

9 documents

1 / 2

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CS4237 Computer and Network Security Homework #1
(Due 9/24/2007 at the beginning of class)
For this assignment, assume you are writing a security policy for cs1301, the introduction
to computing class that everyone at Tech has taken in some form or another.
Visit the class web page
(http://www.cc.gatech.edu/classes/AY2007/cs1301_fall/) to see what the course
is about. A partial list of assets and objects that need protection include:
draft homework assignments. Where are these stored? Who has access to these?
communication between the TAs and instructor about course maintenance. (For
example, consider whether the instructor should answer questions about
grades and class standing in response to an e-mail sent from a hotmail or
yahoo account. Should the class require an authentication/encryption system
for everything? Or just require that all communication about grades be sent
through an acme mail transfer?)
communications between TAs and students. How are e-mails between students
and TAs treated? Do they have to be logged or archived, or can the TA just
do what they want with the mail?
draft quizzes. Who has access?
graded assignments and quizzes. While homework and quizzes are often on
paper, assume there's an electronic artifact created with paper homework or
quiz. Where are the electronic records stored? Who has access?
lecture slides and code examples presented in lecture
access to a centralized grading database (here, we can assume “webwork” or
any other database).
access to the Banner grading system, so that student grades can be entered at the
midterm and semester end.
You might identify additional objects that need protection. There are many groups of
people that will need access to some of this information. A partial list includes:
Students
TAs
head TA (for this homework, you may assume there are N TAs and just one head
TA, with no other layers of bureaucracy in between)
An instructor
A “course owner”, who is a tenured faculty member in charge of high level design
of the class
Various administrative officials
In doing this assignment, you may make reasonable assumptions about how things are
run in the course. Thus, if you're not sure how grades are stored in the real cs1301, you
can just assume there's some database somewhere. (List and address your assumptions,
of course.)
pf2

Partial preview of the text

Download Computer and Network Security - Assignment 1 | CS 4237 and more Assignments Cryptography and System Security in PDF only on Docsity!

CS4237 Computer and Network Security Homework

(Due 9/24/2007 at the beginning of class) For this assignment, assume you are writing a security policy for cs1301, the introduction to computing class that everyone at Tech has taken in some form or another. Visit the class web page (http://www.cc.gatech.edu/classes/AY2007/cs1301_fall/) to see what the course is about. A partial list of assets and objects that need protection include:

  • draft homework assignments. Where are these stored? Who has access to these?
  • communication between the TAs and instructor about course maintenance. (For example, consider whether the instructor should answer questions about grades and class standing in response to an e-mail sent from a hotmail or yahoo account. Should the class require an authentication/encryption system for everything? Or just require that all communication about grades be sent through an acme mail transfer?)
  • communications between TAs and students. How are e-mails between students and TAs treated? Do they have to be logged or archived, or can the TA just do what they want with the mail?
  • draft quizzes. Who has access?
  • graded assignments and quizzes. While homework and quizzes are often on paper, assume there's an electronic artifact created with paper homework or quiz. Where are the electronic records stored? Who has access?
  • lecture slides and code examples presented in lecture
  • access to a centralized grading database (here, we can assume “webwork” or any other database).
  • access to the Banner grading system, so that student grades can be entered at the midterm and semester end. You might identify additional objects that need protection. There are many groups of people that will need access to some of this information. A partial list includes:
  • Students
  • TAs
  • head TA (for this homework, you may assume there are N TAs and just one head TA, with no other layers of bureaucracy in between)
  • An instructor
  • A “course owner”, who is a tenured faculty member in charge of high level design of the class
  • Various administrative officials In doing this assignment, you may make reasonable assumptions about how things are run in the course. Thus, if you're not sure how grades are stored in the real cs1301, you can just assume there's some database somewhere. (List and address your assumptions, of course.)

Deliverables: This homework is a short-essay. Just hand in your (neatly typed/diagrammed) homework.