CSS 346: Access Controls, Authentication and Public Key Infrastructure (PKI)

Course Description

This course introduces the concept of access control to information systems. Applications, authentication, and accounting for end users and system administrators will be covered. In addition, security controls for access control including tokens, biometrics, and use of public key infrastructures (PKI) will be covered.

Prerequisites

  • ENG 101: English Composition 1
  • ENG 102: English Composition 2
  • ITE 145: Fundamentals of Information Systems Security
  • ITE 220: Networking and Data Communication (Recommended)

Student Learning Outcomes (SLOs)

Students who successfully complete this course will be able to:

  1. Define the authorization and the access to an IT infrastructure based on an access control policy framework.
  2. Mitigate risk to an IT infrastructure's confidentiality, integrity, and availability with sound access controls.
  3. Analyze how a data classification standard impacts an IT infrastructure's access control requirements and implementation.
  4. Develop an access control policy framework consisting of best practices for policies, standards, procedures, and guidelines to mitigate unauthorized access.
  5. Assess the consequences of failed access controls and mitigate unauthorized access.
  6. Apply various access control methods to solve a range of business challenges.
  7. Define proper security controls within the User Domain to mitigate risks and threats caused by human behavior.
  8. Implement appropriate access controls for information systems within IT infrastructures.
  9. Explore ways to secure the facilities that house sensitive resources and use biometric technology to verify identity.
  10. Design appropriate authentication solutions throughout an IT infrastructure based on user types and data classification standards.
  11. Utilize policies, standards, guidelines, and procedures to implement and maintain access control.
  12. Implement a secure remote access solution.
  13. Implement PKI and encryption solutions to ensure the confidentiality of business communications.
  14. Mitigate risk from unauthorized access to IT systems through proper testing and reporting.
  15. Interpret how information assurance concepts can be applied to access controls, resulting in a more secure IT architecture.

General Education Outcomes (GEOs)

Please check the applicable GEOs for this course, if any, by outcomes at GEO Category Search, or by subject area at GEO Discipline Search.

Course Activities and Grading

Assignment(s) | Weight
Discussions (Weeks 1, 2, 3 & 6) | 3%
Written Assignments (Weeks 1-7) | 26%
Lab Assignments (Weeks 1-5 & 7) | 20%
Quizzes (Weeks 2, 3 & 5) | 6%
Project (Week 8) | 25%
Final Exam (Week 8) | 20%
Total | 100%

Required Textbooks

(Available through our online bookstore)

  • Chapple, Mike, Bill Ballad, and Tricia Ballad. Access Control, Authentication, and PKI - Print Bundle for LMS Integrations. 2nd ed., Sudbury, MA: Jones & Bartlett, 2014. ISBN-13: 9781284031591

Note: This is a Print Bundle which includes the textbook and the Access Code required for this course. Students must purchase these materials “New” from the Charter Oak State College bookstore. Used materials or materials from any other source are not acceptable.

Course Schedule

Week | SLOs | Readings and Exercises | Assignment(s)

1

1,2

Topics: Access Control Framework, Assessing Risk and Impact on Access Control

  • Readings:
    • Chapter 1, “Access Control Framework”
    • Chapter 2, “Assessing Risk and Its Impact on Access Control”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Identification, Authentication and Authorization Techniques
  • Submit Assignment: Impact of U.S. Federal and State Compliance Laws
  • Submit Assignment: Infrastructure Control areas within the Seven Domains
  • Submit Assignment: Improving Security through Layered Security Control
  • Complete Lab: Configure an Active Directory Domain Controller
  • Complete Lab: Manage Windows Accounts and Organizational Units

2

3,4

Topic: Developing an Access Control Policy Framework

  • Readings:
    • Chapter 3, “Business Drivers for Access Controls”
    • Chapter 4, "Access Control Policies, Standards, Procedures, and Guidelines"
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Implementation of a Data Classification Policy
  • Complete Lab: Configure Windows File System Permissions
  • Complete Quiz 1

3

5,6,7

Topics: Unauthorized Access, Security Breaches and Human Resources Risks

  • Readings:
    • Chapter 5, "Security Breaches and the Law"
    • Chapter 6, “Mapping Business Challenges to Access Control Types”
    • Chapter 7, “Human Nature and Organizational Behavior”
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Implementation of an Organization-Wide Security Plan
  • Submit Assignment: Implementing a Comprehensive Human Resources Risk Management Plan
  • Complete Lab: Manage Group Policy Objects in Active Directory
  • Complete Lab: Configure Windows Firewall
  • Complete Quiz 2

4

8

Topic: Access Control for Information Systems

  • Readings:
    • Chapter 8, “Access Control for Information Systems”
  • Read assigned chapter
  • Review the Lecture material
  • Submit Assignment: Aligning Account Types and Privileges
  • Submit Assignment: Developing Access Control Strategies for Data and File Systems
  • Complete Lab: Manage Linux Accounts
  • Complete Lab: Configure Linux File System Permissions

5

9,10

Topics: Physical Security and Enterprise Access Control

  • Readings:
    • Chapter 9, “Physical Security and Access Control”
    • Chapter 10, “Access Control in the Enterprise”
  • Read assigned chapters
  • Review the Lecture material
  • Submit Assignment 1: Implementation of Authentication Process
  • Complete Lab: Encrypting and Decrypting Files with PKI
  • Complete Quiz 3

6

11,12,14

Topic: Testing Access Control Systems

  • Readings:
    • Chapter 11, "Access Control System Implementations"
    • Chapter 12, "Access Control Solutions for Remote Workers"
    • Chapter 14, "Testing Access Control Systems"
  • Read assigned chapters
  • Participate in the Discussions
  • Review the Lecture material
  • Submit Assignment: Scope of Work for Penetration Test
  • Submit Assignment: Internet/Web Access Management
  • Complete Lab: Authenticating Security Communications with Digital Signatures

7

13

Topics: Public Key Infrastructure and Encryption

  • Readings:
    • Chapter 13, "Public Key Infrastructure and Encryption"
  • Read assigned chapter
  • Review the Lecture material
  • Submit Assignment 1: PKI and Encryption at Work
  • Complete Lab: Encrypt and Decrypt Web Traffic with HTTPS

8

1-15

Topics: Course Project and Final Examination

  • Submit Project: Access Control Proposal
  • Complete Final Exam
  • Complete the Course Evaluation

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies and the “Course Policies” link for specific policies related to this course. See COSC Resources for information regarding available COSC academic support services and resources.