-
Notifications
You must be signed in to change notification settings - Fork 22.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request for Comment: Add Security Courses #639
Comments
Sorry if this is off-topic. There was a Cryptography course under Core Applications, what happened to it? Right now I am at that exact place in my curriculum progress, should I follow dev branch or master branch? I'm confused. |
Completely on topic! While the course goes deep on the topic of cryptography, there are many other information security topics that an undergraduate needs to learn that the crypto course does not address. Since the course did not qualify as 'Core CS' it's been removed. See this commit: 8be7b6d As to whether to follow the dev or the master branch, right now you should follow dev. There is actually an Issue open about the branches as well: #638 The master branch is currently simply an old version of the dev branch. |
Another strong contender: The first course in this 2-course offering was rated one of the top 50 MOOCs of 2019: |
Hello! Sorry I'm a little slow to the thread. I've been trying out the courses listed. I have done:
It seems to be a good track; it's on familiar platform, most of the content is available for free (some quizzes are not). I'll probably finish the UC Davis specialisation. Perhaps the course "Information Security: Context and Introduction" could be optional though? I did it in a day and I know it's an introduction but it was very light. If you have already done other courses like Networking or Math for CS, you probably already have the context and it didn't add much more than that. They direct you to Wikipedia a lot, so you could probably just get context from there as needed. The quizzes were not very good (they were testing reading comprehension, not understanding of the material). On the plus side, they do include some reading material (journal/newspaper articles). What do other people think? |
@waciumawanjohi OK; since my comment, I finished Cryptography I. It's a fairly hard MATH class (with optional programming exercises that are pretty cool). You are correct it does not go much into other security topics. The instructor said it would, but in the second class. I think I would support the Alternative you suggested. It is less workload heavy, and gives more options/choice to students. Looks pretty good to me. I prefer the thin and lean options; Proposal seems a bit bloated. Also, off-topic: wouldn't it be so great if secure coding/vulnerabilities were actually taught as standard part of "ordinary" programming classes? |
@spamegg1 very on topic. The CS2013 actually makes a nod to this. The Knowledge Area Information Assurance and Security was newly added in 2013. It is unique in that some of its topics are listed just under that knowledge area, but the majority are distributed through other knowledge areas. So while we should have some content that is focused exclusively on security, we should also expect other courses to their due diligence in teaching the security practices germane to their topics. It's seemed that there's relatively little experience with these courses in the OSSU community, so I'm taking time to work through a number of the courses. I've taken Information Security: Context and Introduction and it is very well suited to teach the CS2013 topic "Foundational Concepts in Security". Because of that, I suspect it will be included in any final configuration of the security courses. I'm currently trying out Unlocking Information Security at the moment. Enjoyable so far. If you have time, I think this is one of the highest need areas of OSSU. Information Security Analysts are projected to be one of the fastest growing jobs in the US and we have no courses that address the field. I would love to have more OSSUnians that could speak to these courses, particularly about:
|
@waciumawanjohi Yeah, security is going to be the biggest growth area in CS, might be even bigger than Data Science related jobs. I think the top quality main security training hub is considered by many to be Cybrary but they are non-free. |
@waciumawanjohi I'll preface by saying I wasn't a CS Major and only have a few years in the security field (so I'm by no means an expert), but just found OSSU and am a fan of what you guys are doing - so figured I'd try to contributed in any way I can. I generally agree that the security core is a good idea, and think your courses listed should satisfy CS2013 under the assumption of the four learning outcomes you've mentioned - noting that it's just to give users a basic understanding of security and not necessarily meant to be comprehensive (which I think you're already doing a good job of noting by linking the RFC to make users aware). If you ever decide to create a security section under Advanced CS - which I believe would generally a good idea once a comprehensive list of security classes are curated, I'd probably add Web Security (which some may argue falls between Threats and Attacks or Defensive Programming) but since web development is so popular compared to learning its security aspects, I'd justify it being it's own topic: Advanced Security
If I find courses for the other topics, I'll update this comment but noting it's been somewhat difficult for me to find decent security courses; often many security courses I've found online give a high level of an overview without actually having assignments to provide the ability to put the knowledge to use (which in general I feel is the most important part of learning). Last Note: The following three courses above are denoted Advanced CS in terms of comprehensiveness opposed to difficulty. Explanation: I considered them as Advanced CS primarily because they are full a semester's length courses - that provide a more comprehensive approach to the four assumed learning outcomes you mentioned in the description (by going into more detail about a particular topic and allowing a person to take the courses only if they are interested). |
@JacobAgunloye I took Crypto I from Coursera and I'd be OK with adding it to an elective Advanced Security section if one exists in the future. I agree it's high quality and the instructor is good. Otherwise it's a very hard math course that teaches the implementation of many ciphers in technical detail (then advises against implementing them yourself), but does not really teach how to use security, or how security concepts fit into a wider context. So probably it should not be outside an elective section. |
@spamegg1 I agree with your thoughts on the Crypto Courses. Let me know what you think about the Web Security course as well if you get a chance to take it. If an Advanced CS Security section is ever created, here's a list of courses that may be of interest that were created by people a lot smarter than me (would have to be vetted first before selected, as I haven't gotten a chance to take all of them): https://www.reddit.com/r/netsec/wiki/start This last note is a digression but an interesting note on why it's always advised to never implement crypto other than standardized and established libraries, is that even the good libraries sometimes become compromised, two that come to mind are:
|
Hey folks, I just wanted to add my two cents as a security engineer myself. I think the University of Maryland Cybersecurity specialization on Coursera is the highest quality security coursework available on any MOOC right now. Most of the other treatments I've seen are superficial, broad, or dated (the UC Davis courses in your curriculum now look decent). The UMD course is a more rigorous review of fundamentals with a particularly strong software security course, essentially the underpinning of all modern security. I appreciate they included the 'Usable Security' course in the specialization, too, which covers human factors most other programs won't even consider. ps. I will also note that I'm a moderator for the above-referenced /r/netsec and helped write some of the content on that /start wiki. I've been an educator in the past, as a faculty member in NYU Tandon's cybersecurity program, too. |
Has anything been decided about this RFC, and the aforementioned security courses? |
The courses in the original proposal have been included in the curriculum. Before them is this note:
I take from Xxylem's and Dguido's comments that the UC Davis courses are reasonable courses. Dguido's perspective is valuable as is his endorsement of U Maryland's specialization (one of the alternate possibilities I listed). My hope is that more students will offer feedback and perspective on these two programs (UC Davis & U Maryland). |
The 'Defensive Programming & Debugging' PRACE course on FutureLearn is great (I have taken it). It teaches the practical aspects of code security, and is taught by academics from supercomputing centres in Europe. The drawback is that it is not available on-demand, and therefore may not be suitable for OSSU. |
Hi , Please can you make the final list of the cyber security track |
One possible resource, it's worked well for me but I don't know if it's organized in a way you guys would want, it's also sort of it's own standalone OSSU with a focus on cybersecurity. |
This resource is pretty interesting: http://howto.hackallthethings.com/2016/07/learning-exploitation-with-offensive.html |
…roject section I see that there is a thread containing discussion on the inclusion of cybersecurity resources ossu#639. That repository has remained quiet for some time, but the field is continuing to grow in importance at a seemingly exceptional rate. I therefore think it should be an option to engage in a security related specialisation at the end of the OSSU. See the specialisation home page here: https://www.coursera.org/professional-certificates/ibm-cybersecurity-analyst Overview: - The specialisation is comprised of 8 courses, with a capstone and assessment at the end, much like the other specialisations listed in the 'Final Project' section. - High quality teachers and recognised cybersecurity giant backing. - Wide range of of areas covered including an introduction, operational security, sysadmin, networking, threat assessment, database security and incident response. - Highly rated curriculum (4.5 stars minimum course rating - capstone project rated at 4.8 stars). - Course material is up to date. - The recommended completion time is in keeping with the other courses in this section. - English, Arabic, French, Portuguese (European), Italian, Vietnamese, German, Russian, Spanish subtitles. Considerations - There are some complaints about the audio quality on the videos. I would say that, although it is not perfect quality, it is perfectly audible and not at all difficult to understand or grating to listen to. In any case, the content of the video lectures is thorough and I personally feel that the course is taught in a clear, concise and easy to understand way. - Adding a cybersecurity related course to the Final Projects section may not be appropriate since the other cybersecurity sections of the readme note that their inclusion is provisional pending further consideration. Notwithstanding, it is clear that more and more traditional brick and mortar universities are putting a greater and greater emphasis on cybersecurity in their curriculum's and it would be prudent to mirror that behaviour. The OSSU is a fantastic resource and I am very grateful to have been able to take advantage of it. I believe it can only get better by embracing cybersecurity resources and adding them as a path for future students to take. For many people the OSSU is their only option for getting a high quality, structured education in computer science and I think they should be given the option to engage deeper with cybersecurity. ^ The above said, I am no cybersecurity vetran and would certainly welcome the thoughts of those who are on IBM's offering.
With 1 comment over the past year, it seems time to close this call for comments. I remain interested in the recommendation for U Maryland's cybersecurity course and welcome future comments comparing its quality to the current recommendations. I am also interested in recommendations for courses that would be appropriate for an Advanced Security section. See this comment as a starting point. |
Having closed the [RFC: Add Security Courses](#639), it is time to remove the provisional label from the Core Security section.
I just finished the first two courses Principles of Secure Coding They pretty much all of the topics in IAS/Principles of Secure Design and IAS/Foundational Concepts in Security Except: With the exception of the last one, the first 3 don't seem to be covered in either of the optional courses. Maybe we could do away with them to make the curriculum lighter. |
To elaborate on what is covered, please refer these images: (When I say "Secure Coding Practices Specialization", I mean just the first 2 courses that I've done. ) The 4th course in the spec does cover "Prevention, detection, and deterrence" but that's a tier 2 topic. I haven't done the other 2 courses, so maybe someone who has can provide more guidance. We could move them to advanced or remove them to make the curriculum lighter. The first 2 courses seem to pretty much cover what we need except a small handful of topics. |
This is good info! Can you make a new RFC so that this gets visibility from interested contributors? |
Will do this weekend! |
* Add security courses on a provisional basis. See ossu#639 * Include link to HtDP book and problem sets * Update readings.md * Added link to HW for Intro to Parallel Programming Intro to Parallel Programming's grader is broken, it's impossible to submit programming assignments. It's also impossible to compile and run the code on your PC, unless you own an nVidia GPU. Thankfully some nice folks on Github created a Google Research Colab page where you can compile and run your homeworks (unfortunately the Final Exam is not available and probably never will be). I understand this uses Google's GPU sharing. * Remove dead link * Simplify table of contents * Fix spelling mistake * Links to prerequisites courses added * Move courses to advanced Change the Haskell course suggestion. A big thank you to @aryzach for prompting the switch. Move courses to advanced programming. See Issue. Closes ossu#669 * Move curricular guidelines out of extras. * Clarify that CS2013 is the curricular guidance for OSSU Resolves ossu#679 * Add The Missing Semester Resolves ossu#678 * Replaced Hack the Kernel with OSTEP Implementing the proposal from issue 690: ossu#690 * Add note to Changelog that curriculum is > v8 and < v9. Resolves ossu#674 * Replace LAFF with MIT's OCW Scholar Linear Algebra Resolves ossu#693 * Reflect addition of new Intro section. * Make note more prominent * updated Software Engineering prereqs and added relevant FAQ * Update README.md * Update link to curricular guidelines * Remove link to dead domain * Update link for Compiler Construction * Change Programming Languages Part A Prereq Resolves 716 * How to audit the intro to programming courses Resolves ossu#724 * Updated PROJECTS.md Finished Specialization, using its Capstone as Final Project * Update README.md * Update OS Course Version Resolves ossu#707 * Update README.md * Update README.md Removed LAFF, changed Parallel Programming * Update courses.md Moved Intro to Parallel Programming to Extras * Update readings.md Removed Sheldon Axler's "Linear Algebra Done Right (FREE)" because it is no longer free after the end of July 2020. It was made free temporarily due to COVID-19. * Python for Everyone > Python for Everybody The course, book and website all say everybody instead of everyone. Just a little nit I noticed. * Switch Python for Everybody link Students regularly ask in Gitter how to audit Python for Everybody (Py4E). The instructor of Py4E has created a free version on a standalone site. This has been the alternate link. Instead this should be the main link. * Replace previous Probability course Added a new probability course called Stat110 from Harvard, and moved the previous one to the extra courses page. * Update README.md * Add new question to FAQ Tighten language on some FAQ answers * Rearrange order of FAQ questions * Simplify Intro to Programming Resolves ossu#763 * Raise duration estimate to match Coursera's estimate * Course listing should match course title * Update .gitignore * Use Stanford Database courses Stanford Database courses had long been part of the OSSU curriculum. When Stanford pulled down their platform Lagunita, OSSU had to find a new offering. With the Stanford material back on edX, OSSU should return to this high quality offering. Resolves ossu#718 Resolves ossu#709 * Change chat from Gitter to Discord * Add 'Discussion' header to Core Math and Core Systems * Re-add newsletter link * Remove unnecessary coursework from Advanced Systems. Resolves ossu#772 * Delete reference to cohorts repo. Cohorts repo was closed after an RFC. Resolves ossu#780 * Removed redundant note from Advanced Systems The note was referring to Electricity & Magnetism classes, which were removed. * Update HELP.md A server admin will have to enable the discord widget in the settings for the discord server * Update help.md [#173862703] Authored-by: Waciuma Wanjohi <[email protected]> * Replaced FutureLearn pre-calculus with Khan Academy - To be more consistent with our Khan Academy recommendation elsewhere in the curriculum - also some students expressed confusion with the FutureLearn course * Added link to Interactive Exercises from Kurose-Ross textbook website * Update FAQ language and order [#173862703] Authored-by: Waciuma Wanjohi <[email protected]> * Use Discord Widget [#173862703] Authored-by: Waciuma Wanjohi <[email protected]> * Update math prereq columns * Changed Py4E hours of effort to match OSSU expected weekly effort levels * Removed errant submodule added on prior commit * Prerequisite section mention of high school math links to FAQ * Remove dead link. Resolves ossu#795 * Move the Missing Semester later in curriculum Resolves ossu#778 * Clarify that OSSU is not working in partnership with any org to offer degrees. * Fixed Advanced Systems dead links * Match recommended calc to course listed prereqs https://www.edx.org/course/introduction-to-probability 'Familiarity with U.S. high school level algebra concepts; Single-variable calculus: familiarity with matrices, derivatives and integrals.' * replace dead link Fix for [computer-science/issues/825](ossu#825) * Update Newsletter Address * Add link to completion estimate chart Discord user crokei26#1613 created an initial version of this great resource. A huge thanks to them! * Removed Formal Concept Analysis (fixes ossu#818) - fixes ossu#818 - removed `CUDA` and `GPU programming` from topics (left over from before) * Direct Py4E students directly to the lessons * Switch Math for CS from OCW to OLL Implement ossu#832 * add two new books on systems * Add section to FAQ about alts * Sharpen FAQ answer language * Remove direct link to issues We often get issues opened that are empty, with no text or description of a problem. This may be because learners follow the link from the Community section, and post in order to interact. By removing the link (but keeping the link to the contributing instructions) we can hopefully direct new learners in how to interact productively. * Move CS50 to Courses/Extras Resolves ossu#833 * Remove prereq not mentioned by course creators * Remove topic that is not covered in the section * changed the discord invites Changed the 2 invite links (one inside the svg) to direct to the #welcome discord channel. Also changed some relevant language. * Update Game Design specialization Bump to new version * Include edX financial aid information * feat: Change order of database courses * Update issue templates * Changed link to Effective Thinking Through Mathematics course in extras (issue ossu#870) (ossu#871) * Changed link to Effective Thinking Through Mathematics course in extras * Delete .DS_Store Co-authored-by: Jonathan Hustad <[email protected]> Co-authored-by: waciumawanjohi <[email protected]> * updated Prolog link, added PDF version (fixes ossu#868) (ossu#873) * updated Prolog link, added PDF version * updated Prolog link, added PDF version - removed `Text` column, added footnote instead * updated Prolog link, added PDF version - parentheses * updated Prolog link, added PDF version - added link to book source code * Updated links to both HtC Simple and Complex Data * Added alt link to ocw version of 6.002 in extra courses (ossu#885) * added OCW alt link for 6.002 in extra courses * fixed parenthesis * Update books' editions * Updated the links for books that have a newer edition. I have included the authors' home page for the book where possible. * Updated some titles to reflect the linked edition. I have maintained the original format (``2e`` for the books in the ``Programming`` section ``(2nd Edition)`` for the books in the other sections). Unifying the format could be something to consider. * More realistic estimate for OS course Hi, I am currently taking this course and I am about half way into it. I already have a CS degree and I've been working as a developer for ~8 years. The course is very interesting and comprehensive. If you want to do this course properly, I think 6 hours per week for this course is bare minimum: - There are ~3 hours of lectures each week - The original course is split into 14 weeks - Each chapter has homework at the end of it - Homeworks are not very difficult, but some of them require significant amount of work - Projects require significant amount of work * Update other_curricula.md Add new curriculum (writing started Summer 2019) See more: https://github.com/functionalCS * Reflects locked down CS Timeline Spreadsheet * Spreadsheet link prompts users to make a personal copy * Remove course that is no longer offered Resolves ossu#907 * Make Calculus Required closes ossu#841 * Change calculus recommendation to OLL and OCW Resolves ossu#838, ossu#886 * Change Networking course to Kurose-Ross Resolves ossu#887 * Evaluation section update Change language to encourage students to be proactive in seeking feedback for projects. * Advanced Applications subsumed by Project Clarifies that the advanced application list is a subset of a larger, unspecified, set of adequate options. Advanced Applications was listed as a precursor and possible replacement for the final project. This merges the two and specifies that students may choose another avenue for creating a capstone project. Resolves ossu#830 * Update core math blurb Resolves ossu#921 * Removed Project with Dead Link 1. Removed Binary Machine project as repository link results is dead. 2. Fixed link to applications block. * Update Team * extras/courses: Add Introduction to Computational Thinking by MIT As noted here ossu#912 adding this course to The Math section * Add Algorithms by Sedgewick Add Algorithms by Robert Sedgewick on the basis that it's a freely available book from a reputable institution (it's the textbook for the Princeton Coursera courses). That being said, I haven't had the chance of reading the book so I can't personally comment on its quality. * Commit for RFC at issue ossu#933 (ossu#945) * Commit for RFC at issue ossu#933 Added by error Co-authored-by: Harsh <[email protected]> * Add The Linux Command Line book to Tools section in extra readings * Switch 3b1b Linear Algebra from pre to corequisite (ossu#927) Switch 3b1b Essence of Linear Algebra from prerequisite of MIT Linear Algebra to corequisite * Add interesting/useful reading resources (ossu#941) * fix: updated Computation Structures 1,2 & 3 links (ossu#953) * Add books, fix formatting * Add Ethics Course Ethics being a very important education in field of computer science. CS 2013 Says, while technical issues are central to the computing curriculum, they do not constitute a complete educational program in the field. Students must also be exposed to the larger societal context of computing to develop an understanding of the relevant social, ethical, legal and professional issues. This need to incorporate the study of these non-technical issues into the ACM curriculum was formally recognized in 1991. * Update README.md * Update Ethics Course Discord Links * Fix link formatting * fix some links * extras/books recommends Linear Algebra for Everyone closes ossu#910 * Add puzzles-practice to extras Closes ossu#783 * Added Intro to Numerical Analysis Added Introduction to Numerical Analysis by HSE, a CS2013 Elective Course. * Added alternative to Intro to NumAnalysis. Added MIT18-335J as an alternative to Introduction to Numerical Analysis. * Swapped Core security and Core applications links in the curriculum index to reflect the order of the page. Added a link for Core ethics to the index. Updated some capitalization. * Add answer on finding courses * Add cs-video-courses * Add link to goodreads in FAQ * Remove alternate course that is no longer offered. * Update README.md * Fixes typos * Update full stack open hours/week https://studies.cs.helsinki.fi/stats/courses/fullstackopen According to the course stats, every part takes at least 15 hours to finish on average. * update MathForCS dead alternate link * Remove note on provisional status Having closed the [RFC: Add Security Courses](ossu#639), it is time to remove the provisional label from the Core Security section. * Replace Numerical Analysis Course Resolves ossu#1006 * Typo fix * Fix typo * Math for CS 2010, 2015/2019 solutions * Add DSA Textbook to Extras Thank you to @hamzakat Closes ossu#994 * alternate links for Computation Structures * alternate links for Computation Structures improved formatting * added OSTEP course page * added OSTEP course page fixed typo * added OSTEP course page fixed typos, removed/updated links * added OSTEP course page updated prerequisites on README * Replace discontinued Intro Sec Course [Information Security: Context and Introduction](https://www.coursera.org/learn/information-security-data) has been discontinued. Replacing with [Cybersecurity Fundamentals](https://www.edx.org/course/cybersecurity-fundamentals) Resolves ossu#1041 * Update README.md * Update README.md * Add information security link to table of contents * hints and tips for OSTEP Project 2A * Rename intro file in directory to README.md Users browsing the directory structure will better understand which file to read first. * Fix typo Small typo fix * Update PROJECTS.md Reword the top description of PROJECTS.md to make it more clear what this section is about. * Swap Intro CS from edX to OpenCourseWare * change Logic course * Update LICENSE copyright year Signed-off-by: Ariston Lorenzo <[email protected]> * Improve links From a suggestion by @Alaharon123 here: ossu#1078 (comment) * Update exercism url to point to the current url * Add 2011 Berkeley SICP in Scheme to extras Since the Scheme version remains arguably as/more popular * Update PROJECTS.md * Update PROJECTS.md * update How to Design Programs textbook link * Update courses.md * Update courses.md * Update courses.md * Update courses.md * added resource explaining xv6 code for OSTEP * added resource explaining xv6 code for OSTEP fixed typo * Clarify OSTEP Options Direct most students to read OSTEP and complete homework. Direct only students specializing in systems to undertake the course projects Resolves ossu#1083 Co-authored-by: Waciuma Wanjohi <[email protected]> Co-authored-by: spamegg <[email protected]> * Clarify OSTEP: add missing link, fix prerequisite * Add structure to links * Update FAQ.md * Update CONTRIBUTING.md * Changed course for Theory of Computation to the one in openMIT (ossu#1125) Resolves ossu#1096 * Reduce time estimate for Probability * Correct link to resources below (ossu#1133) * fix core applications machine learning (ossu#1143) * Fix machine learning in core applications The machine learning course is only 3 weeks long, not 11. Further, it's a very gentle introductory course. Even the prerequisite of Basic coding is stretching it, but it is as listed on the course page. * Fix machine learning Machine learning should link to the entire specialization. The specialization is 11 weeks in all I believe, and they suggest 9 hours per week although that could be scaled down to 4-6 hours if you're just auditing. Also, the prerequisite should be basic coding, linear algebra is not necessary. Closes ossu#1118 * Add a new project from a student (ossu#1130) * Added a PR template for projects. (ossu#1136) * Update CURRICULAR_GUIDELINES.md Reference the upcoming CS2023 * Update LICENSE copyright years (ossu#1152) * Update course link Effective Thinking Through Mathematics * Census Announcement * Move census link to top of page * Correct the CS50 alt URL https://cs50.harvard.edu/ just redirects to Edx. The course is available at https://cs50.harvard.edu/x/ * Remove 2023 Census link * Add better link for How to Code courses Add the Systematic Program Design course (which consists of both parts of How to Code) as the main link and move How to Code to to alt. * Add backt the HTDP book * Add intro-programming course page (ossu#1177) * Create intro-programming course page (incomplete) * Complete the intro-prgramming page * Add intro-programming course page to the README file * Fix spellings * Fix the name of the Py4E course * Add alt for Computer Graphics Resolves ossu#1140 * Update Process Mention taking courses in parallel. Resolves ossu#1139 * Fix CS50P pset links * Changed typo 'strucked' to 'stucked' * fix typos * Create CNAME * Update CNAME * Delete CNAME * Create CNAME * Delete CNAME * Create CNAME * update Software Engineering: Introduction course * Add whitespace May address ossu#1191 * Use full word rather than abbreviation for accessibility (ossu#1194) * Hopefully fix some confusions regarding alt courses Mention the full word "alternative" instead of the short form "alt" which may cause confusion to non-native speakers. Also change "/" to "," for the two parts of HTC course. * Fixed the missing "alt" * Replace deleted course with its video playlist * Adding a new URL course for Git and GitHub because the old link invalid (ossu#1204) * Adding discussions channels * Remove mentions of outdated materials and add warning about them (ossu#1212) * Remove mentions of outdated materials and add warning about them * Remove the new warning blockquote syntax Seems like github pages don't support the new warning blockquote syntax * Update README.md with suggestion from @waciumawanjohi (1) Co-authored-by: Lenox Waciuma Wanjohi <[email protected]> * Update README.md with suggestion from @waciumawanjohi (2) Co-authored-by: Lenox Waciuma Wanjohi <[email protected]> * Update README.md with suggestion from @waciumawanjohi (3) Co-authored-by: Lenox Waciuma Wanjohi <[email protected]> --------- Co-authored-by: Lenox Waciuma Wanjohi <[email protected]> * add final project into PROJECTS.md * Move space between badges out of link text * fix: quick stupid case corrections for Discord can I brag about having contributed to ossu yet? :^) * Mark the Py4E course link as link The Py4E course link in the intro cs coursepage was not marked as link. While GitHub renders it as link, the GitHub pages website don't. This PR fixes that. The PR also fixes the CS50P discord invite link, which was expired. This time, I have made a link that never expires, and can be used an unlimited number of times. * Update page to use CSS for center alignment Uses mozilla recommended CSS for centering: https://developer.mozilla.org/en-US/docs/web/html/element/center * Align with div attribute Github homepage does not respect the CSS centering * Add Intro CS coursepage and replace the OCW version with an archived version on Edx (ossu#1224) * Create README.md * Add link to Intro CS course page * Update README.md * Update courses.md This change is adding the interactive, open-source, community-led SICP version that was adapted into JavaScript. This addition seems worthwhile because JavaScript may be a more appealing language to go through SICP with than the original Scheme. In addition, this JavaScript version of SICP was created with the apparent goal of being as close to the original Scheme version as possible: https://sourceacademy.org/sicpjs/prefaces03 * Add SPD coursepage (ossu#1225) * Create README.md * Add files via upload * Update README.md * Add files via upload * Update README.md * Update README.md * Update readings.md * Update README.md * Update README.md * Delete coursepages/spd/HTC2X.zip * Delete coursepages/spd/htc-simple.zip * Delete coursepages/spd/space-invaders-starter.rkt * Delete coursepages/spd/ta-solver-starter.rkt * Update README.md * Add files via upload * Add info about eabling automatic parentheses, square brackets and quotes * Remove the newsletter link The newsletter link does not work anymore. Also, AFAIK, it was not in active use anyway. * Remove Projects.md * Move interactive textbook from courses to readings --------- Signed-off-by: Ariston Lorenzo <[email protected]> Co-authored-by: Waciuma Wanjohi <[email protected]> Co-authored-by: waciumawanjohi <[email protected]> Co-authored-by: spamegg <[email protected]> Co-authored-by: Aaron Hooper <[email protected]> Co-authored-by: Manuel Esparza <[email protected]> Co-authored-by: aryzach <[email protected]> Co-authored-by: riceeatingmachine <[email protected]> Co-authored-by: spamegg <[email protected]> Co-authored-by: Travis Brackett <[email protected]> Co-authored-by: Cybermise <[email protected]> Co-authored-by: Cybermise <[email protected]> Co-authored-by: Josh Hanson <[email protected]> Co-authored-by: attackgnome <[email protected]> Co-authored-by: bradleygrant <[email protected]> Co-authored-by: silential <[email protected]> Co-authored-by: Uniminin <[email protected]> Co-authored-by: Alaharon123 <[email protected]> Co-authored-by: Silent <[email protected]> Co-authored-by: Tyler Miller <[email protected]> Co-authored-by: Tanya Nevskaya <[email protected]> Co-authored-by: Hanqiu Jiang <[email protected]> Co-authored-by: licjon <[email protected]> Co-authored-by: Jonathan Hustad <[email protected]> Co-authored-by: Henrick Kakutalua <[email protected]> Co-authored-by: Elahi-cs <[email protected]> Co-authored-by: Josip Ćavar <[email protected]> Co-authored-by: Kye Davey <[email protected]> Co-authored-by: Dody2 <[email protected]> Co-authored-by: Harsh <[email protected]> Co-authored-by: azzsal <[email protected]> Co-authored-by: Rodi <[email protected]> Co-authored-by: NadaTElwazane <[email protected]> Co-authored-by: Guilherme Marz Vazzolla <[email protected]> Co-authored-by: aayushsinha0706 <[email protected]> Co-authored-by: Nico Schlömer <[email protected]> Co-authored-by: Dion Rigatos <[email protected]> Co-authored-by: Matt Rieke <[email protected]> Co-authored-by: Nick Roma <[email protected]> Co-authored-by: Ethan Deng <[email protected]> Co-authored-by: Mikhail Loginov <[email protected]> Co-authored-by: Eero Pomell <[email protected]> Co-authored-by: Justin Kim <[email protected]> Co-authored-by: Ariston Lorenzo <[email protected]> Co-authored-by: Maheshkumar P <[email protected]> Co-authored-by: Roman Bird <[email protected]> Co-authored-by: martin <[email protected]> Co-authored-by: anantav51 <[email protected]> Co-authored-by: Choubs01 <[email protected]> Co-authored-by: Thái Hữu Trí <[email protected]> Co-authored-by: Rob <[email protected]> Co-authored-by: Ariston Lorenzo <[email protected]> Co-authored-by: Pulkit Krishna <[email protected]> Co-authored-by: zkv <[email protected]> Co-authored-by: Avishek Sen <[email protected]> Co-authored-by: Budi_Ubuntu <[email protected]> Co-authored-by: Karim Safan <[email protected]> Co-authored-by: karim1safan <[email protected]> Co-authored-by: Pablo Colturi Esteve <[email protected]> Co-authored-by: Yukai Chou <[email protected]> Co-authored-by: Maru <[email protected]> Co-authored-by: mgg143 <[email protected]>
Problem:
OSSU:CS does not give students the proper broad introduction to information security.
Duration:
Feb 29, 2020
Background:
OSSU promises the equivalent of an undergraduate degree in Computer Science. In order to evaluate our recommended courses, we use the Curriculum Guidelines for Undergraduate Programs in Computer Science (CS2013). More information can be found here.
CS2013 specifies a number of knowledge areas a curriculum must cover, one of which is Information Assurance and Security (IAS). This is described as "...the set of controls and processes both technical and policy intended to protect and defend information and information systems by ensuring their confidentiality, integrity, and availability, and by providing for authentication and non-repudiation." There are 6 topics within this knowledge area.
It is important to note that the expectation is generally just an introduction of these areas. There need only be 1-2 hours of lecture material on each topic (this time does not count course readings, assignments, etc, which will be extra time). The learning outcomes on most topics expect only that students are familiar with the topics, not necessarily that they have used them. For example, students must be able to "Explain why input validation and data sanitization is necessary in the face of adversarial control of the input channel." Asking students to undertake data sanitization goes above and beyond the curricular requirements. (It should be noted that students may certainly choose electives that far exceed the general requirements.)
The four learning outcomes that expect students to demonstrate 'usage' are:
how to handle an exception.
Only 2 of these expect students to write code.
Proposal:
Add three courses to the curriculum:
And give students the option between one of these two courses:
Alternatives:
a) Use only one course to cover all of the IAS topics:
b) Choose one of the following specializations (which go more in depth).
The text was updated successfully, but these errors were encountered: