Information Security - Authentication and Access Control (edX)

Information Security - Authentication and Access Control (edX)
Learn more fundamentals of information security, including Introduction to Cryptography, Authentication, Access Control and Containerization. This is the 2nd course in the intermediate, undergraduate-level offering that makes up the larger Cybersecurity Fundamentals MicroBachelors Program.

We recommend taking them in order, unless you have a background in these areas already and feel comfortable skipping ahead.

- Information Security - Introduction to Information Security

- Information Security - Authentication and Access Control

- Information Security - Advanced Topics

- Network Security - Introduction to Network Security

- Network Security - Protocols

- Network Security - Advanced Topics

- Penetration Testing - Discovering Vulnerabilities

- Penetration Testing - Exploitation

- Penetration Testing - Post Exploitation

These topics build upon the learnings that are taught in the introductory-level Computer Science Fundamentals MicroBachelors program, offered by the same instructor.

This is a self-paced course that provides a continuation of information security and cybersecurity topics. Among the topics covered are Introduction to Cryptography, Authentication, Access Control, and Containerization. Students learn about both symmetric and asymmetric encryption and their uses. We also take a look at one-way hashing and how it differs from encryption. We drill into ways that encryption is used in PKI and Digital Certificates. Next, we tackle authentication. Authentication is relevant to multiple fields. In art, antiques, and anthropology, a common problem verifies that a given artifact was produced by a particular person or a specific place or period of history. In computer science, verifying a user's identity is often required to allow access to confidential data or systems. Next, we move on to different access control mechanisms. We then drill into the implementation details of access control in several other operating systems. We follow up with a deep dive into compatibility based access control mechanisms. Finally, we look at access control in virtual machines (VM), virtualization, and containerization. We look into how the operating system achieves access control, and whether these methods are sufficient.

What you'll learn

- Describe Strengths and Weaknesses of Data Encryption Standard (DES)

- Describe Strengths and Weaknesses of Advanced Encryption Standard (AES)

- Describe Public Key Cryptography

- Describe Asymmetric Key Algorithms

- Define Hash Functions

- Describe Public Key Signatures

- Describe the Benefits of the Different Types of Authentication

- Define access control

- Apply four types of access control (Discretionary, Mandatory, Role Based, and Unix/Linux File Access Control)

- Describe the use of the SetUID permission in Unix/Linux

- Analyze an access control scenario using an Access Control Matrix

- Differentiate between ACL and Capabilities

- Describe the use of a Reference Monitor

- Describe the Security Mechanisms built into Chromium OS

- Give Examples of Covert Channels including both Timing Channels and Storage Channels

- Describe the Purpose of an Operating System (OS)

- Differentiate between Type 1 and Type 2 Hypervisors

- Describe Containers and their Purpose

- Describe Sandbox Computation


Week 1 - Introduction to Cryptography

Week 2 - Authentication

Week 3 - Access Control Part 1

Week 4 - Access Control Part 2

Week 5 - Containerization

Week 6 - Final Exam