Office of the Registrar

The Office of the Registrar is located at 105 Heth Hall on the main campus. The Office of the Registrar is located on the 4th Floor, Suite 417-419 at Radford University Carilion in Roanoke.

1 / 2

Registration is open for fall 2024 classes. »

2 / 2

Information Technology 445

ITEC 445: Computer System and Database Security

Prerequisites: ITEC 345 and (ITEC 340 or ITEC 304), and (ITEC 220 or ITEC 315)

Credit Hours: (3)

Instructional Method : Three hours lecture.

Threats and vulnerabilities in software systems, principles to design and implement secure software systems, database and information security.

Detailed Description of Content of Course

Topics include:
1. Computer application vulnerabilities, threats and attacks
2. Malicious software
3. Physical security of servers
4. Secure software design principles
5. Security analysis (ethical hacking/penetration testing)
6. Operating System security
7. Evaluating systems for security using standards (e.g., Common Criteria)
8. Database Security and Privacy
9. Host based security controls such as Intrusion detection and prevention mechanisms

Detailed Description of Conduct of Course

Programming projects involving design and development of secure software will be given. Projects will use databases to enforce principles of database security. Homework problems that require analysis of threats and solutions will be given.

Goals and Objectives of the Course

Students who complete the course will be able to:
1. Describe and identify common vulnerabilities and exploits in software applications.
2. Apply well-known secure design principles such as least privilege, separation of privilege, complete mediation, economy of mechanism and least common mechanism.
3. Implement secure code for applications in a high-level language such as Java.
4. Identify and describe the various security controls and secure operations to achieve security and privacy in operating systems and databases.
5. Describe the concepts of assurance and trust.
6. Describe the process of evaluating systems for security using standard criteria such as the Common Criteria.

Assessment Measures

Evaluation may be based on several programming projects, problems, and at least two examinations. The instructor may also use quizzes or other assessment strategies.

Review and Approval

Revised June, 2023

April 12, 2018
April 6, 2017
Revised: June 1, 2012
September 9, 2008 New Course Arthur Carter, Chair