695.621.81 - Public Key Infrastructure and Managing E-Security

Expanded Course Description

This will be my first semester teaching this course and I have integrated some new content. You will notice the format of the slides in the video lecture are different than the ones posted. The content remains the same, it is migrated to the newest and accessible format. Additionally, some assignments have changed. There will be technical labs as well as a final lab project. The final lab project replaces the term research paper previously required. To make sure you have the correct assignments, please refer to the Course Outline.

Course Structure

">

The course materials are divided into modules which can be accessed by clicking Modules on the left menu. A module will have several sections including the overview, content, readings, discussions, and assignments. You are encouraged to preview all sections of the module before starting. Most modules run for a period of seven (7) days, exceptions may be noted in the Course Outline. You should regularly check the Calendar, Microsoft Teams and Announcements for assignment due dates.

Course Topics

• Symmetric cryptography
• Asymmetric cryptography
• The concept of infrastructure
• Public Key Infrastructure (PKI) services and components
• PKI infrastructure components
• Transport Layer Security (TLS), Domain Name System (DNS) security, email encryption, digital signatures
• Certificate policy and practices statement
• PKI implementation considerations
• Key management
• Quantum computing

Course Goals

By the end of this course, students should be able to:

• Explain the core principles of cryptography
• Describe the structure and function of PKI components
• Analyze digital certificates
• Configure and secure communications using SSL/TLS
• Discuss the potential impact of quantum computing on PKI

Course Learning Outcomes (CLOs)

• Determine the roles a PKI has with regard to mitigation of various contemporary cybersecurity threats.
• Choose the appropriate asymmetric or symmetric encryption technology for encryption tasks.
• Identify the technical and non-technical components of a PKI.
• Evaluate existing PKI certificate policy statements and write unambiguous policy.
• Lead and/or participate in the planning, design, development, implementation and maintenance phases of a PKI.

Textbooks

Adams, Carlisle, Steve Lloyd Understanding PKI: Concepts, Standards, and Deployment Considerations, 2nd edition. Boston, Mass: Addison-Wesley, 2003

ISBN-10: 0672323915
ISBN-13: 978-0672323911

A digital copy of the book can be found here at no cost to students (requires you to login with your JHED).

Note that although this text is dated, it contains valuable conceptual information related to PKI. Up to date material from the National Institutes of Standards (NIST), the Federal PKI Policy Statements, and a wide variety of other sources supplement text materials to ensure students have the most recent information on PKI. Links to these materials will be provided in the course modules for students to download from the Internet at no cost.

Required Software

Students will need to use Microsoft Word and Docker Desktop to participate in the course. They will also use MS Teams to participate in the optional weekly office hour.

Student Coursework Requirements

Success in this course typically requires 5–9 hours of effort per week. Students will want to read appropriate sections of the required text (1-2 hour); review and complete the online modules and associated materials (1–2 hours); complete labs (2-3 hours); and participate in discussion forums and group activities (1-2 hours). 

This course will consist of four basic student requirements. Points are distributed between the four requirements as follows: 

Item	% of Grade
Preparation and Participation	10%
Labs	30%
Final Project	20%
Examinations: Midterm and Final	40%

1. Preparation and Participation (Class Discussions) (10% of Final Grade Calculation)

You are responsible for carefully reading all assigned material and being prepared for discussion. Most readings are from the course text. Additional reading may be assigned to supplement text readings. 

Post your initial response to the discussion questions by the 4th evening for that module week (e.g. if the Module starts on Monday, the initial posting is due by Thursday). This includes the module challenge questions and the Cyber News discussion forum. Posting an initial response to the discussion question is part one of your grade for module discussions (i.e., Timeliness). Your responses to other classmates and questions asked in your own thread are due by the second day of the next Module (e.g. if the Module starts on Monday, the responses are due by the following Tuesday). 

Part two of your grade for module discussion is your interaction (i.e., responding to classmate postings with thoughtful responses) with at least two (2) classmates (i.e., Discussion Interaction). Just posting your response to a discussion question is not sufficient; you should be interacting with your classmates. Feel free to agree or disagree with your classmates. Please ensure that your postings are civil and constructive. 

Part three of your grade for module discussion is your detailed responses. Questions may require additional research to answer, so please be sure to cite your sources. Be detailed in your postings and in your responses to your classmates’ postings. 

I will monitor module discussions and will respond to some of the discussions as discussions are posted. You are responsible for responding to questions raised by me or fellow students within any threads you participate in. Keep in mind, all discussion content is part of the course and thus may appear on assignments. 

All prompts will require some research to be done, and the expectation is the sources that are utilized are properly cited. 

Evaluation of preparation and participation is based on contribution to discussions. 

Preparation and participation are evaluated by the following grading elements: 

1. Timeliness (25%) 

1. Discussion Interaction (25%) 

1. Critical Thinking (50%) 

Preparation and participation is graded as follows:  100-90 = A - Timeliness [regularly participates; all required postings; early in discussion; throughout the discussion]; Discussion Interaction [responds to 3 classmates and follows-up on questions]; Critical Thinking [rich in content; full of thoughts, insight, and analysis].  89-80 = B - Timeliness [frequently participates; all required postings; some not in time for others to read and respond]; Discussion Interaction [responds to only 2 other threads or does not follow-up with questions asked in threads]; Critical Thinking [substantial information; thought, insight, and analysis has taken place].  79-70 = C - Timeliness [infrequently participates; all required postings; most at the last minute without allowing for response time]; Discussion Interaction [responds to only 1 other thread]; Critical Thinking [generally competent; information is thin and commonplace].  < 70 = F - Timeliness [rarely participates; some, or all required postings missing]; Discussion Interaction [no interactions happening]; Critical Thinking [rudimentary and superficial; no analysis or insight is displayed]. 

     2.  Assignments (30% of Final Grade) 

Assignments will be in the form of hands-on labs to provide a technical understanding of PKI. It is expected that students follow the lab instructions and perform research on the lab topics.  Each lab will have instructions on how to execute the lab and follow on questions testing knowledge gained from the lab.  

All assignments are due according to the dates in the Assignments items in Canvas. If, after submitting a written assignment you are not satisfied with the grade received, you are encouraged to reach out to the instructor(s) to discuss the deductions. Allowing resubmission for partial credit will be determined on a case-by-case basis. Each lab will be graded with 60% from evidence of completion of the technical lab and 40% for the knowledge questions. 

Knowledge questions are evaluated by the following grading elements: 

• Each part of question is answered (15%) 

• Writing quality and technical accuracy (35%) (Writing is expected to meet or exceed accepted graduate-level English and scholarship standards. That is, all assignments will be graded on grammar and style as well as content.) 

• Rationale for answer is provided (35%) 

• Demonstrated research and incorporation of additional resources (15%) 

 3.  Final Project (20% of Final Grade) 

The final project follows the same structure as the labs with technical hands on work and knowledge questions. The final project lab will be much larger in scale and requires student analysis and application of knowledge learned through the other six labs and the course. The final project will be graded with 60% from evidence of completion of the technical lab and 40% for the knowledge questions. 

Knowledge questions are evaluated by the following grading elements: 

• Each part of question is answered (15%) 

• Writing quality and technical accuracy (35%) (Writing is expected to meet or exceed accepted graduate-level English and scholarship standards. That is, all assignments will be graded on grammar and style as well as content.) 

• Rationale for answer is provided (35%) 

• Demonstrated research and incorporation of additional resources (15%) 

 4. Examinations (40% of Final Grade) 

The mid-term exam will be presented following the 6th course module and the final exam will be presented following the 12th course module.  Students will have up to 5 hours to complete both the midterm and the final exams once they access the exam questions. Therefore, students should be certain to block out a contiguous time period to complete each exam. 

Students will choose 5 questions to answer from the 6 questions which are presented on the midterm and 5 questions to answer from the 6 questions which are presented on the final. The format of the questions will be short answer essay which will cover material from the first six course modules for the midterm and material from all course modules for the final. 

Each question will make up 20% of the exam score and will be awarded for answering questions accurately and succinctly. Students who choose to answer all presented questions will be graded on the results of their best 5 scores.  

Grading Policy

Student assignments are due according to the dates in the Assignments items. I will post grades within one week following assignment due dates.

Recalling that each student has the opportunity to earn a total of 500 points during the course, the final course letter grade will be assigned as indicated below.

450(90%)–500(100%) =  A
400(80%)–449(89.8%) = B
350(70%)–399(79.8%) = C
Below 350(<70%) = F -  Non-passing

Note that each student has the opportunity to earn 500 points. Therefore, every student has the opportunity to earn an A in the course.  Note, too, that the grading brackets strictly apply.  A final total score of 449 will be a B.

Academic Policies

Deadlines for Adding, Dropping, and Withdrawing from Courses

Students may add a course up to one week after the start of the term for that particular course. Students may drop courses according to the drop deadlines outlined in the EP academic calendar. Between the 6th week of the class and prior to the final withdrawal deadline, a student may withdraw from a course with a W on their academic record. A record of the course will remain on the academic record with a W appearing in the grade column to indicate that the student registered and withdrew from the course. 

Academic Misconduct Policy

All students are required to read, know, and comply with the Johns Hopkins University Krieger School of Arts and Sciences (KSAS) / Whiting School of Engineering (WSE) Procedures for Handling Allegations of Misconduct by Full-Time and Part-Time Graduate Students. This policy prohibits academic misconduct, including but not limited to the following: cheating or facilitating cheating; plagiarism; reuse of assignments; unauthorized collaboration; alteration of graded assignments; and unfair competition. Course materials (old assignments, texts, or examinations, etc.) should not be shared unless authorized by the course instructor. Any questions related to this policy should be directed to EP’s academic integrity officer at ep-academic-integrity@jhu.edu.

Students with Disabilities - Accommodations and Accessibility

Johns Hopkins University values diversity and inclusion. We are committed to providing welcoming, equitable, and accessible educational experiences for all students. Our courses are designed with a proactive approach to accessibility to minimize the need for disability disclosure and accommodation requests, but we recognize that you may need additional support. Students with disabilities (including those with psychological conditions, medical conditions, and temporary disabilities) can request accommodations for this course by providing an Accommodation Letter issued by Student Disability Services (SDS). Please request accommodations for this course as early as possible to provide time for effective communication and arrangements.  For further information or to start the process of requesting accommodations, please contact EP Student Disability Services at ep-disability-svcs@jhu.edu. 

Student Conduct Code

The fundamental purpose of the JHU regulation of student conduct is to promote and to protect the health, safety, welfare, property, and rights of all members of the University community as well as to promote the orderly operation of the University and to safeguard its property and facilities. As members of the University community, students accept certain responsibilities which support the educational mission and create an environment in which all students are afforded the same opportunity to succeed academically. For a full description of the code please visit the Student Conduct Code website.

Classroom Climate

JHU is committed to creating a classroom environment that values the diversity of experiences and perspectives that all students bring. Everyone has the right to be treated with dignity and respect. Fostering an inclusive climate is important. Research and experience show that students who interact with peers who are different from themselves learn new things and experience tangible educational outcomes. At no time in this learning process should someone be singled out or treated unequally on the basis of any seen or unseen part of their identity. If you have concerns in this course about harassment, discrimination, or any unequal treatment, or if you seek accommodations or resources, please reach out to the course instructor directly. Reporting will never impact your course grade. You may also share concerns with your program chair, the Assistant Dean for Diversity and Inclusion, or the Office of Institutional Equity. In handling reports, people will protect your privacy as much as possible, but faculty and staff are required to officially report information for some cases (e.g. sexual harassment).

Course Auditing

When a student enrolls in an EP course with “audit” status, the student must reach an understanding with the instructor as to what is required to earn the “audit.” If the student does not meet those expectations, the instructor must notify the EP Registration Team (EP-Registration@exchange.johnshopkins.edu) in order for the student to be retroactively dropped or withdrawn from the course (depending on when the "audit" was requested and in accordance with EP registration deadlines). All lecture content will remain accessible to auditing students, but access to all other course material is left to the discretion of the instructor.