Expectations for the on-line course
At www.shsu.edu, click on
If this is your first time to use SHSU’s
computer system, you may need to
activate your account. Otherwise,
click on Login and enter your usual
SHSU username and password.
Once you’ve logged in, click the
My Courses tab, if necessary, and
select CS 537.
CS 537 on E-College
1. Review course syllabus and any
other information about the course.
2. Browse around and get com-
fortable with the environment.
3. Click on week 1, assignments,
and answer questions about your
Each week, make sure you are up-to-
date on reading, lecture materials
I recommend that you set aside three
hours each week to read material
and participate in discussions on-
line. Lecture notes are sometimes
deliberately divided into two shorter
sections for easier consumption.
Keeping Up with Course
Each module is organized around material for a given week. Week 1 will include
everything from the start of the semester until 9/3. In order to keep up with the
material, try to complete a “week” each week.
Please begin by reviewing
the syllabus, then review
chapter 1 lecture notes
and complete the
I will include a discussion forum each week.
Sometimes, it will be for casual discussion;
other times it may be part of your assignment.
• The student will learn the reasons and
techniques for protecting data in modern
database management systems.
• The student will be introduced to common
problems in the implementation and
configuration of network-accessible databases
and receive an introduction to current
research into how to improve database
• Prerequisites: CS 334, DF 531 or departmental
approval. Students are assumed to have some
experience with database management systems and
• Required Text Book: Database Security and Auditing:
Protecting Data Integrity and Accessibility by Hassan
Afyouni (ISBN: 0-619-21559-3).
• Optional Materials: SQL reference or references for
Oracle or Microsoft SQL Server may be helpful. A
virtual machine environment with Oracle 10g will be
made available, or you can download the express
edition from www.oracle.com.
• Students are required to review assignments, lecture notes, and message
postings by students and faculty on a regular basis.
• Assignment submissions, message postings in discussion forums, or any
other obvious interaction with the course will count, each week, as
“attendance” in the course.
• Students should set aside regular times to review lecture notes and
message postings just as if they had a scheduled course to attend.
• A participation grade will be calculated from the percentage of weeks that
the student made his or her presence known, not including exams.
• Work must be submitted before any posted deadline (unless explicitly
stated otherwise) and will not be accepted after grades, solutions and
discussion of the work are posted on the course site. Consult the professor
as soon as possible regarding any possible alternative arrangements.
The student's average is calculated by averaging
grades (100-point scale) of a certain type,
then combining the uniform averages into a
single weighted average according to the
Type of Work Weight in calculating grade
Wiki report 15%
Exams (10% each) 30%
Final exam 10%
• All work must be your own unless clearly identified. Any ideas or work
that comes from someone else must be documented, appropriately (exam
answers and homework are assumed to be inspired by your book and
lecture notes, but any assistance from web sites or other students should
• Anything you include in submitted work that is copied from somewhere
else and any ideas incorporated into your report which were first thought
by someone else or inspired your own thinking must include credit to the
original source (for web pages, this can include links to referenced
material, but published works should include a traditional bibliographic
• Any type of cheating, especially clear cases of academic dishonesty, may
result in all students involved receiving a grade of F for the semester; at
the least, part or all of an assignment may be rejected as a warning. (See
the University Code of Conduct,
www.shsu.edu/students/guide/dean/codeofconduct.html, and my own
web page, www.shsu.edu/~csc_kth/cheating.pdf, for more information.)
Week Reading assignment Assignment
08/27 Syllabus, introduction Background information
1 09/03 Chapter 1 – Need for security; terminology Select wiki topic
2 09/10 Chapter 2 – Operating system security Common DB security issues
3 09/17 Chapter 3 – Managing database users HW 2
4 09/24 Stored procedures HW 3-2
5 10/01 Chapter 4 – Profiles Exam 1
6 10/08 Password verification function, privileges, roles HW 4
7 10/15 Chapter 5 – Application security HW 4-2
8 10/22 SQL injections and buffer overflow HW 5
9 10/29 Chapter 6 - Virtual private databases HW 6
10 11/05 Triggers Exam 2
11 11/12 Chapter 7 - Database auditing models
12 11/19 HW 7
13 11/22 Chapter 8 - Application auditing
14 12/03 Security design
15 12/10 Wrap-up and review Exam 3
12/16 Final Exam