
Century College
Department: E-Business Information Technology
Diploma
Course Number: eBIZ480
Course Title: Secure Transaction for eCommerce
Credits: 3 credits
Semester: Spring (January) 2003
Time: Friday, 4:30 p.m. to 7:30 p.m.
Instructor: Mr. David (Cyri) Jones
This course will provide an overview of the diverse security issues one must consider when starting or maintaining an e-commerce enabled website. By the end of the course, students should understand both general security strategy and how to use and protect against specific common hacking tools.
Students must be in Term 3 standing.
Safe and Secure by Arman Danesh, Ali Mehrassa and Felix Lau, SAMS, 2002, 359 pgs. I have ordered copies of this book from the Book Warehouse on 4th Ave. (near the corner of Arbutus and 4th Ave.). The price is $30.36.
Recommended Readings, Textbooks, Equipment, Lab or Shop Manuals, etc.
Hacking Exposed: Network Security Secrets & Solutions by Stuart McClure & Joel Scambray, Osborne/McGraw Hill, 1999, 484 pgs. ($51.16 Cdn.)
How Wireless Works by Preston Gralla, Que, 2002 ($35.96 Cdn.)
Computer Privacy & Security, Smart Computing Learning Series, 2002 ($7.95 Cdn.)
E-commerce by Dotty Boen Oelkers, Thompson Learning, 2000
The objective of this course is to teach students the basic security principles necessary to secure an e-commerce site, and also to expose students to specific hacking techniques one should protect against. While it realistically takes years to gain the experience necessary to be an Internet security expert, this course should get you on the right track and show you the tools and resources necessary to learn more if you wish to pursue the subject further.
Learning Outcomes
Students who successfully complete the course should be able to do the following:
· Prepare a security strategy plan
· Identify potential security weaknesses and ways to protect against them
· Explain how credit card transactions take place and the necessary security considerations surrounding these transactions
· Use a number of hacking tools and learn how to protect against these hacking tools
· Launch or maintain an e-commerce website and reasonably mitigate security risks
Apart from midterms and final exams, students will be expected to complete regular assignments unless specifically exempted. The structure of these assignments or mini projects and their due dates shall be described in handouts distributed in class, as the term progresses. Marks will be deducted for late assignments.
Assessment and Evaluation (to be finalized and announced to students during the first week of classes by the instructor):
Quizzes                  26%  (13 quizzes worth 2% each)
Website Review           14%
Participation            10%
Hacker Journal Project   25%
Final Exam               25%  (multiple choice and one long answer question)
Marks    Grade   GPA      Marks        Grade   GPA
95-100   A+      4.33     65-69        C+      2.33
90-94    A       4.00     60-64        C       2.00
85-89    A-      3.67     55-59        C-      1.67
80-84    B+      3.33     50-54        D       1.00
75-79    B       3.00     0-49         F       0.00
70-74    B-      2.67     Incomplete   N       0.00
In borderline cases, personal evaluation that reflects the student’s effort, work habits, participation in class, improvement over the course, and regular attendance will be taken into account in order to assign a letter grade.
Late submission of course work will incur a 10% deduction of the full mark per calendar day (not working day). No mark will be assigned after the solutions are discussed.
Missed examinations and assignments will be given zero marks unless prior arrangements are made with the instructor. Usually no make-up exam is allowed except for medical reasons. Regular attendance is strongly urged. Missing classes will often result in confusion and loss of continuity. Students are responsible for all announcements made in class.
Assignments must be based on individual efforts. Examinations and tests will be conducted in a restricted environment. Use of the written ideas, concepts and designs of others must be acknowledged. Instructors and students must comply with College policy on plagiarism and cheating. In some circumstances, if a student is suspected of cheating, an oral examination may be required.
Students may ask for a revision of their marked exams and assignments. The instructor will review the entire exam or assignment in the presence of the student. This procedure may result in a higher or lower mark for that paper.
Learning Activities
Activities can include, but are not restricted to the following:
· Attending lectures and taking notes
· Working on assignments
· Implementing group projects
· Demonstrating expertise by writing regular quizzes
· Participating in group discussions
· Analyzing case situations
· Presenting ideas to and meeting challenges from the class
Content or topic outline will include, but is not restricted to the following (to be finalized and announced to students by the instructor in the first week of classes):
Week/Lecture Topics
1. Introduction to e-commerce security
2. How the Internet works
3. How e-commerce works
4. Networking infrastructure
5. Securing a standalone computer
6. Wireless Ethernet security
7. Using personal firewall software
8. Dangers of viruses on the Internet
9. Securing a home network
10. Privacy and data security
11. Testing your security
12. Recovering from disaster & backup strategies
13. Online e-commerce sites case studies
14. Future security trends
15. Exam
Note: This outline will be finalized in the second week of classes after the class has had an opportunity to provide input on the areas they would like to focus on.