InfoSec Courses

COMPUTER INFORMATION SYSTEMS 483
INTRODUCTION TO DATABASE SECURITY (3 Cr.)

Instructor : Dr. S. Srinivasan

Professor of CIS , Room 380
Phone : (502) 852 – 4790
E-mail : srini@louisville.edu

Prerequisite : CIS 310

Description : Basic data protection methods such as discretionary and mandatory access controls, secure database design, data integrity, secure architectures, secure transaction processing, information flow controls, and auditing, Copyright and database protection, privacy issues (including employee records and HIPAA). Security models for relational and object-oriented databases, Security of databases in a distributed environment, survey of commercial systems, and research prototypes.

SYLLABUS

Click here for the full syllabus

LECTURE NOTES (PowerPoint)

Lecture 1 :	Database Security
Lecture 2 :	Access Control
Lecture 3 :	Authentication
Lecture 4 :	Vulnerabilities
Lecture 5 :	Multilevel Security
Lecture 6 :	Polyinstantiation
Lecture 7 :	Security Architecture
Lecture 8 :	SQL Server Security
Lecture 9 :	Security Plan
Lecture 10:	Secure Storage
Lecture 11:	DB-inferences
Lecture 12:	Privacy-Protection
Lecture 13:	Security Audit

STUDENT REPORTS

Student	Report Title
Erica Thomas	Buffer Overflow Vulnerabilities
Alvaro I. Gálvez	Multilevel Database Security
Daniel Blevins	Sarbanes Oxley Act
T. Nguyen	Sarbanes – Oxley Act of 2002
Charles Mahoney	Security Auditing

ASSIGNMENTS

Due Date	Assignment/Report
February 3	Assignment 1
February 8	Research Report 1
February 22	Assignment 2
March 1	Assignment 3
March 22	Assignment 4
March 22	Research Report 2
April 14	Research Report 3
April 19	Assignment 5