Software Assignments for a Course in Secure E-Commerce
This paper describes a course in computer security for advanced undergraduate students in computer science and software engineering. The aim of the course is to give the student a thorough grounding in the principles and practice of cryptography and secure network protocols, and in the application of these to the development of e-commerce applications. An important part of the learning process is an assignment in which the student develops soft ware for a specified e-commerce application. The paper describes a number of these assignments that have been run over the past several years, and reflects on the lessons learned.
KeywordsSecurity Analysis Certificate Authority Chat Room Authentication Server Digital Right Management
- 1.J. Slay and P. Lock, “Developing an Undergraduate IT Security Stream: Industry Certification and the Development of Graduate Qualities,” presented at Fourth World Conference on Information Security Education, WISE4, Moscow, Russia, 2005.Google Scholar
- 2.Sun Microsystems, “Java Cryptography Extension (JCE) Reference Guide,” 2004, http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html, accessed 08/08/2006.
- 3.B. S. Bloom, Taxonomy of educational objectives. Boston, MA: Allyn and Bacon, 1984.Google Scholar
- 4.S. A. Shaikh, “Information Security Education in the UK: a proposed course in Secure E-Commerce Systems,” presented at 1st Annual Conference on Information Security Curriculum Development, Kennesaw, GA, USA, 2004.Google Scholar
- 5.Rochester Institute of Technology, “Secure E-Commerce,” 2006, http://register.rit.edu/courseSchedule/4002877, accessed 31/10/2006.
- 6.University of Aberdeen, “Security and Privacy,” 2006, http://www.csd.abdn.ac.uk/~jmasthof/teaching/CS5401/, accessed 31/10/2006.
- 7.R. Holloway, “Master in Information Security,” 2006, http://www.isg.rhul.ac.uk/msc, accessed 31/10/2006.
- 8.P. T. Rawles and K. A. Baker, “Developing a public key infrastructure for use in a teaching laboratory,” presented at 4th Conference on Information Technology Curriculum, Lafayette, Indiana, USA, 2003.Google Scholar
- 9.D. Boneh, “Cryptography and Computer Security: Programming Project #2,” 2004, http://crypto.stanford.edu/~dabo/courses/cs255_winter04/, accessed 14/08/2006.
- 10.W. G. Mitchener and A. Vahdat, “A Chat Room Assignment for Teaching Network Security,” presented at 32nd Technical Symposium on Computer Science Education (SIGCSE), 2001.Google Scholar
- 11.OpenSSL, http://www.openssl.org/, accessed 14/08/2006.