CSS 346: Access Controls, Authentication and Public Key Infrastructure (PKI)

Course Description

This course will focus on the concept of access control to information systems. Applications, authentication, and accounting for end users and system administrators will be covered. In addition, security controls for access control including tokens, biometrics, and use of public key infrastructures (PKI) will be covered. (3 credits)

Prerequisites

ENG 101: English Composition 1
ENG 102: English Composition 2
ITE 145: Fundamentals of Information Systems Security OR CSS 101 Cybersecurity Fundamentals
ITE 220: Networking and Data Communication (Recommended)

Student Learning Outcomes (SLOs)

Students who successfully complete this course will be able to:

Define access control and identity management concepts.
Analyze how an information classification standard impacts an IT infrastructure’s access control requirements and implementation.
Define proper security controls and techniques to mitigate risks and threats in an IT infrastructure.
Design appropriate authentication solutions throughout an IT infrastructure.
Implement appropriate access controls and identity management techniques within IT infrastructures.
Implement a secure remote access solution.
Implement PKI and encryption solutions to ensure the confidentiality of business communications.
Mitigate risk from unauthorized access to IT systems through proper testing and monitoring.
Develop an access control policy framework consisting of best practices for policies, standards, procedures, and guidelines to mitigate unauthorized access.
Assess the consequences of failed access controls and mitigate unauthorized access.

Course Activities and Grading

Assignments	Weight
Discussions	10%
Written Assignments	20%
Lab Assignments	20%
Quizzes	10%
Project (Four Parts)	20%
Final Exam	20%
Total	100%

Required Textbooks

Available through Charter Oak State College's Book Bundle

Chapple, Mike, Bill Ballad, and Tricia Ballad. Access Control, Authentication, and PKI - Bundle for LMS Integrations. 3rd. ed., Sudbury, MA: Jones & Bartlett, 2021. ISBN-13: 978-1-284-21479-6
- Note: This is a bundle which includes the textbook and the Access Code required for this course. We discourage students from purchasing “used” materials from other sources due to access codes not working properly.

Course Schedule

Week	SLOs	Readings and Exercises	Assignments
1	1,2	Topics: Access Control Framework and Business Drivers Read and Review: Chapter 1: Access Control Framework Chapter 2: Business Drivers for Access Controls	Read the assigned chapters Review the lecture material Participate in the Discussions Submit Week 1 Assignment
2	3	Topic: Developing an Access Control Policy Framework Read and Review: Chapter 3: Human Nature and Organizational Behavior Chapter 4: Assessing Risk and Its Impact on Access Control	Read the assigned chapters Review the Lecture material Participate in the Discussions Submit the Week 2 Assignment Submit the Week 2 Lab 1 Submit the Week 2 Lab 2 Complete the Week 2 Quiz
3	4,5	Topics: Access Control in the Enterprise and Business Challenges Read and Review: Chapter 5: Access Control in the Enterprise Chapter 6: Mapping Business Challenges to Access Control Types	Read the assigned chapters Review the Lecture material Participate in the Discussions Submit the Week 3 Assignment Submit the Week 3 Lab Complete the Week 3 Quiz
4	5	Topic: Access Control Implementations Read and Review: Chapter 7: Access Control System Implementations Chapter 8: Access Control for Information Systems	Read the assigned chapters Review the Lecture material Participate in the Discussion Submit the Week 4 Assignment Submit the Week 4, Project Part 2 Assignment Submit the Week 4 Lab 1 Submit the Week 4 Lab 2
5	5,6	Topics: Physical Security and Remote Access Read and Review: Chapter 9: Physical Security and Access Control Chapter 10: Access Control Solutions for Remote Workers	Read the assigned chapters Review the Lecture material Participate in the Discussion Submit the Week 5 Assignment Submit the Week 5 Lab Complete the Week 5 Quiz
6	7	Topic: Public Key Infrastructure and Encryption Read and Review: Chapter 11: Public Key Infrastructure and Encryption	Read the assigned chapter Review the Lecture material Participate in the Discussion Submit the Week 6 Lab Complete the Week 6 Quiz
7	8	Topics: Testing Access Control Systems and Access Control Assurance Read and Review: Chapter 12: Testing Access Control Systems Chapter 13: Access Control Assurance	Read assigned chapter Review the Lecture material Participate in the Discussions Submit the Week 7 Assignment Submit the Week 7 Project Part 4 Assignment Submit the Week 7 Lab
8	9,10	Topics: Access Control Laws, Policies, Standards and Security Breaches Read and Review: Chapter 14: Access Control Laws, Policies and Standards Chapter 15: Security Breaches and the Law	Read the assigned chapters Review the Lecture material Participate in the Discussions Submit the Week 8 Lab Complete the Final Exam Complete the Course Evaluation

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies, and see also specific policies related to this course. See COSC Resources for information regarding available academic support services and resources.