CSS 346: Access Controls, Authentication and Public Key Infrastructure (PKI)

Course Description

This course will focus on the concept of access control to information systems. Applications, authentication, and accounting for end users and system administrators will be covered. In addition, security controls for access control including tokens, biometrics, and use of public key infrastructures (PKI) will be covered. (3 credits)

Prerequisites

  • ENG 101: English Composition 1
  • ENG 102: English Composition 2
  • ITE 145: Fundamentals of Information Systems Security OR CSS 101 Cybersecurity Fundamentals
  • ITE 220: Networking and Data Communication (Recommended)

Student Learning Outcomes (SLOs)

Students who successfully complete this course will be able to:

  1. Define access control and identity management concepts.
  2. Analyze how an information classification standard impacts an IT infrastructure’s access control requirements and implementation.
  3. Define proper security controls and techniques to mitigate risks and threats in an IT infrastructure.
  4. Design appropriate authentication solutions throughout an IT infrastructure.
  5. Implement appropriate access controls and identity management techniques within IT infrastructures.
  6. Implement a secure remote access solution.
  7. Implement PKI and encryption solutions to ensure the confidentiality of business communications.
  8. Mitigate risk from unauthorized access to IT systems through proper testing and monitoring.
  9. Develop an access control policy framework consisting of best practices for policies, standards, procedures, and guidelines to mitigate unauthorized access.
  10. Assess the consequences of failed access controls and mitigate unauthorized access.

Course Activities and Grading

AssignmentsWeight

Discussions

10%

Written Assignments

20%

Lab Assignments

20%

Quizzes

10%

Project (Four Parts)

20%

Final Exam

20%

Total

100%

Required Textbooks

Available through Charter Oak State College's Book Bundle

  • Chapple, Mike, Bill Ballad, and Tricia Ballad. Access Control, Authentication, and PKI - Bundle for LMS Integrations. 3rd. ed., Sudbury, MA: Jones & Bartlett, 2021. ISBN-13: 978-1-284-21479-6
    • Note: This is a bundle which includes the textbook and the Access Code required for this course. We discourage students from purchasing “used” materials from other sources due to access codes not working properly.

 

Course Schedule

WeekSLOsReadings and ExercisesAssignments

1

1,2

Topics: Access Control Framework and Business Drivers

  • Read and Review:
    • Chapter 1: Access Control Framework
    • Chapter 2: Business Drivers for Access Controls
  • Read the assigned chapters
  • Review the lecture material
  • Participate in the Discussions 
  • Submit Week 1 Assignment

2

3

Topic: Developing an Access Control Policy Framework

  • Read and Review:
    • Chapter 3: Human Nature and Organizational Behavior
    • Chapter 4: Assessing Risk and Its Impact on Access Control
  • Read the assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit the Week 2 Assignment
  • Submit the Week 2 Lab 1
  • Submit the Week 2 Lab 2
  • Complete the Week 2 Quiz

3

4,5

Topics: Access Control in the Enterprise and Business Challenges

  • Read and Review:
    • Chapter 5: Access Control in the Enterprise
    • Chapter 6: Mapping Business Challenges to Access Control Types
  • Read the assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit the Week 3 Assignment
  • Submit the Week 3 Lab
  • Complete the Week 3 Quiz

4

5

Topic: Access Control Implementations

  • Read and Review:
    • Chapter 7: Access Control System Implementations
    • Chapter 8: Access Control for Information Systems
  • Read the assigned chapters
  • Review the Lecture material
  • Participate in the Discussion 
  • Submit the Week 4 Assignment
  • Submit the Week 4, Project Part 2 Assignment
  • Submit the Week 4 Lab 1
  • Submit the Week 4 Lab 2

5

5,6

Topics: Physical Security and Remote Access

  • Read and Review:
    • Chapter 9: Physical Security and Access Control
    • Chapter 10: Access Control Solutions for Remote Workers
  • Read the assigned chapters
  • Review the Lecture material
  • Participate in the Discussion
  • Submit the Week 5 Assignment
  • Submit the Week 5 Lab
  • Complete the Week 5 Quiz

6

7

Topic: Public Key Infrastructure and Encryption

  • Read and Review:
    • Chapter 11: Public Key Infrastructure and Encryption
  • Read the assigned chapter
  • Review the Lecture material
  • Participate in the Discussion 
  • Submit the Week 6 Lab
  • Complete the Week 6 Quiz

7

8

Topics: Testing Access Control Systems and Access Control Assurance

  • Read and Review:
    • Chapter 12: Testing Access Control Systems
    • Chapter 13: Access Control Assurance
  • Read assigned chapter
  • Review the Lecture material
  • Participate in the Discussions
  • Submit the Week 7 Assignment
  • Submit the Week 7 Project Part 4 Assignment
  • Submit the Week 7 Lab

8

9,10

Topics: Access Control Laws, Policies, Standards and Security Breaches

  • Read and Review:
    • Chapter 14: Access Control Laws, Policies and Standards
    • Chapter 15: Security Breaches and the Law

 

  • Read the assigned chapters
  • Review the Lecture material
  • Participate in the Discussions
  • Submit the Week 8 Lab
  • Complete the Final Exam
  • Complete the Course Evaluation

 

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies, and see also specific policies related to this course. See COSC Resources for information regarding available academic support services and resources.