Intro to the Internet

CSCE 4560/5560 - Secure Electronic Commerce - Spring 2026

Course Overview

  • Instructor: Dr. Ali Zarafshani

    • Position: Assistant Professor, Department of Computer Science and Engineering

    • Email: ali.zarafshani@unt.edu

    • Office Hours: Tuesday and Thursday 11:00 AM – 12:00 PM (by appointment)

Course Structure

  • Grading (Tentative):

    • In-Class Activities, Quizzes, Homework Assignments, Discussions, and Lab Exercises: 40%

    • Final Term Report/Project Demo: 20%

    • 1st Exam: 20%

    • 2nd Exam: 20%

  • Grades Posting:

    • Grades will be posted on Canvas. Final assessment based on weighted average.

    • Dispute process: Two weeks to dispute grades after posting.

      • Start with IA/TA, then escalate to instructor if unresolved.

  • Exams:

    • 1st Exam: 20% (Weeks 8-10)

      • No make-up exam

    • 2nd Exam: 20% (Weeks 16-17)

  • Quizzes:

    • 6-7 quizzes administered throughout the semester via Canvas LockDown Browser.

    • Timing: Beginning, middle, or end of sections.

  • Assignments:

    • Due before the next class unless stated otherwise.

    • Majority are individual. Late submissions incur penalties, often resulting in a grade of 0.

  • Team Project:

    • Team-based assignment to design and implement a secure e-commerce website.

    • Required Security Features:

      • SSL/TLS certificate

      • Multi-Factor Authentication (MFA)

      • User profiles with strong password policies

      • Anti-malware and antivirus protection

      • Firewall configuration

      • Functional payment gateway

Class Schedule

  • Days: Monday and Wednesday, 5:30 PM – 6:50 PM

  • Attendance Check: Almost every class using iClicker.

  • Academic Honesty:

    • Follow the University’s Academic Integrity Policy. All assignments and exams should be individual unless otherwise stated.

    • A short Academic Integrity Confirmation Quiz will be on Canvas before any assignment submission.

Team Project Details

  • Project Scope: Each team will choose an e-commerce topic to design and implement.

    • Focus on:

      • Security issues and threats

      • System design

      • Security methods and controls

      • Website structure

  • Milestones & Deadlines:

    • Before Midterm: Complete initial design; website must go live.

    • Requirements: Hosting, domain name, SSL/TLS enabled, MFA, and payment gateway.

    • Week 15: Final demonstration and presentation emphasizing security concerns, encountered challenges, solutions implemented, and design improvements.

Tentative Course Topics

  1. Introduction to Internet

  2. E-Commerce Overview

    • Martin Luther King Jr. Holiday: January 19, 2026

  3. HTML & CSS

    • Lab #0: Designing a Secure E-Commerce Client Webpage (Frontend)

  4. PHP

  5. Databases & XML

    • Lab #1: Creating a Full-Stack Web Development Environment on Ubuntu

  6. Security Landscape & Vulnerabilities & Analysis

  7. Threats & Attacks/Review & Web App Vulnerabilities

  8. Security Design Principles

  9. 1st Exam (Closed book, in class)

  10. Spring Break: Step-1 of Project Design Website

  11. Secure Software

    • Lab #2: Information Gathering and WebGoat Attacks

  12. Risk Management & Security Technologies

  13. Security Technologies

    • Lab #3: Nessus Vulnerability Scanning

  14. Development & Deployment

    • Advanced Payment Systems, Secure Payment Systems and Gateways (scheduled end of semester)

  15. Project Presentation: Step-2 of the project (Secure Design Website)

  16. 2nd Exam

Course Communication Guidelines

  • Electronic Devices: Inappropriate use in class is not permitted. Cell phones must remain silent.

  • Approval required for any electronic device use in class.

Student Introductions

  • Submit introduction by January 20, 2026, 11:59 PM, including:

    • Name

    • Year of Study (e.g., Freshman, Sophomore, etc.)

    • Major and Minor(s)

    • Preferred Name

    • Reason for Taking the Class

Key Networking Concepts

  • The Internet:

    • Global interconnected networks using the Internet protocol suite (TCP/IP)

    • Subnetworks that can operate independently.

    • Built on open standards, without centralized control, and accessible with common software.

  • Evolution of the Internet:

    • Originated with ARPANET, which provided initial military and intelligence communication advantages.

    • Phased developments from 1964 to present, including TCP/IP inception and commercialization.

  • Networking Protocols:

    • Definition: Communication across networks using standardized languages (e.g., IPv4).

    • Protocol Layering: Helps manage complexity (e.g., OSI model).

  • Client-Server Architecture:

    • Distributed computing model where the server hosts resources and services consumed by client computers.

    • Advantages: Improved sharing, integration of services, and easier maintenance.

    • Disadvantages: Server overload and centralized architecture risks.

HTTP Overview

  • HTTP (HyperText Transfer Protocol):

    • Used for communication on the Web; enables data exchange between clients and servers.

    • Key versions: HTTP/0.9, HTTP/1.0, HTTP/1.1, HTTP/2, and HTTP/3 (with QUIC).

    • Methods: GET, POST, PUT, PATCH, DELETE, HEAD, and OPTIONS, with details on idempotency.

  • Cookies:

    • Small text files stored in user browsers to keep track of user sessions and preferences due to HTTP's stateless nature.

    • Cookie contents may include session IDs and tracking information.
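
Added example (not part of the course material): a Python check that reads Set-Cookie response headers and reports cookies, in particular ones carrying session IDs, that lack the Secure, HttpOnly or SameSite attributes. The header values and the name hints used to spot session cookies are constructed assumptions.

```python
# Added example: audit Set-Cookie headers for session-cookie hardening attributes.
from http.cookies import SimpleCookie

# Constructed sample Set-Cookie values (not captured from a real site).
SAMPLE_SET_COOKIE = [
    "PHPSESSID=3f9a1c0e7b; Path=/",
    "cart=42; Path=/; Secure; SameSite=Lax",
    "sid=9d2e77aa01; Path=/; Secure; HttpOnly; SameSite=Strict",
    "theme=dark; Path=/; Max-Age=31536000",
]

# Assumption: substrings that usually mark a cookie holding a session identifier.
SESSION_NAME_HINTS = ("sess", "sid", "auth", "token")


def looks_like_session(name):
    lowered = name.lower()
    return any(hint in lowered for hint in SESSION_NAME_HINTS)


def audit_set_cookie(header_value):
    """Return (cookie_name, findings) for one Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(header_value)
    if not jar:
        return None, ["unparseable Set-Cookie header"]
    name, morsel = next(iter(jar.items()))
    findings = []
    # Flag attributes are True when present and "" when absent.
    if not morsel["secure"]:
        findings.append("missing Secure: cookie may be sent over plain HTTP")
    if looks_like_session(name) and not morsel["httponly"]:
        findings.append("missing HttpOnly: page scripts can read the session ID")
    if morsel["samesite"].lower() not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict: cross-site sending is left "
                        "to browser defaults or explicitly allowed")
    return name, findings


def audit_all(header_values):
    """Map each cookie name to its list of findings."""
    return dict(audit_set_cookie(value) for value in header_values)


if __name__ == "__main__":
    for cookie, problems in audit_all(SAMPLE_SET_COOKIE).items():
        print(cookie, "OK" if not problems else problems)
```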

Security Measures and Practices

  • Fundamentals for strong cybersecurity programs, such as fixing known vulnerabilities, implementing MFA, and using vulnerability scanning services.

  • Ethical considerations regarding cookies and user privacy regulations (GDPR and ePrivacy Directive).

Additional Resources

  • Bug Bounty Programs, CISA cybersecurity tools, occupational trends in information security, and recommended podcasts/book readings in cybersecurity.