BIRMINGHAM CITY UNIVERSITY

FACULTY OF COMPUTING ENGINEERING AND THE BUILT ENVIRONMENT

COURSEWORK ASSIGNMENT BRIEF
[CMP5329 & Cyber Security]

Coursework Assignment Brief

Assessment - Undergraduate

Academic Year 2023-24

Module Title: Cyber Security

Module Code: CMP5329

Logbook and Reflective Essay – Cryptographic Practice and
Assessment Title:
Access Control
Assessment Identifier: Coursework Weighting: 40%

School: School of Computing and Digital Technology

Module Co-ordinator: Dr M Ghahramani

Hand in deadline date: 3 pm on the 22 March 2024

Re-assessment hand in
TBA
deadline date:
Return of Feedback date
20 Working days following on assessment submission point
and format
Support available for
Timetabled support sessions will be arranged for the period
students required to
immediately preceding the hand-in date
submit a re-assessment:

At the first assessment attempt, the full range of marks is

NOTE: available. At the re-assessment attempt the mark is capped
and the maximum mark that can be achieved is 40%.

Assessment Summary Cryptographic Practice and Access Control: 40%

To assess Cryptographic practice and Access control. In this

coursework, students will be required to complete logbook
record based on practical lab exercises and write a 500-
word reflection report.

1 CEBE UG Assignment brief revised 04/11/2022

IMPORTANT STATEMENTS

Undergraduate Regulations

Your studies will be governed by the BCU Academic Regulations on Assessment, Progression and Awards.
Copies of regulations can be found at https://www.bcu.ac.uk/student-info/student-contract

For courses accredited by professional bodies such as the IET (Institution of Engineering and Technology)
there are some derogations from the standard regulations, and these are detailed in the academic
regulations.

Cheating and Plagiarism

Both cheating and plagiarism are totally unacceptable, and the University maintains a strict policy against
them. It is YOUR responsibility to be aware of this policy and to act accordingly. Please refer to the
Academic Registry Guidance at https://icity.bcu.ac.uk/Academic-Services/Information-for-
Students/Assessment/Avoiding-Allegations-of-Cheating

The basic principles are:

• Don’t pass off anyone else’s work as your own, including work from “essay banks”. This is plagiarism
and is viewed extremely seriously by the University.
• Don’t submit a piece of work in whole or in part that has already been submitted for assessment
elsewhere. This is called duplication and, like plagiarism, is viewed extremely seriously by the
University.
• Always acknowledge all of the sources that you have used in your coursework assignment or project.
• If you are using the exact words of another person, always put them in quotation marks.
• Check that you know whether the coursework is to be produced individually or whether you can work
with others.
• If you are doing group work, be sure about what you are supposed to do on your own.
• Never make up or falsify data to prove your point.
• Never allow others to copy your work.
• Never lend disks, memory sticks or copies of your coursework to any other student in the University;
this may lead you being accused of collusion.
• AI tools cannot be used to write assignments as these have to be your own work. Please refer to:
FAQ link

By submitting coursework, either physically or electronically, you are confirming that it is your own work (or,
in the case of a group submission, that it is the result of joint work undertaken by members of the group that
you represent) and that you have read and understand the University’s guidance on plagiarism and cheating.

You should be aware that coursework may be submitted to an electronic detection system to help ascertain if
any plagiarised material is present. You may check your own work prior to submission using Turnitin at the
Formative Moodle Site. If you have queries about what constitutes plagiarism, please speak to your module
tutor or the Centre for Academic Success.

Electronic Submission of Work

It is your responsibility to ensure that work submitted in electronic format can be opened on a faculty
computer and to check that any electronic submissions have been successfully uploaded. If it cannot be
opened it will not be marked. Any required file formats will be specified in the assignment brief and failure to
comply with these submission requirements will result in work not being marked. You must retain a copy of
all electronic work you have submitted and re-submit if requested.

2
Learning Outcomes to be Assessed:
1. Examine and evaluate the application of various applied information security mechanisms
(e.g. symmetric and asymmetric cryptography and cryptographically secure hash
functions, digital signatures, certificates and PKI).
2. Explain the operation of discretionary and mandatory access control systems.

Assessment Details:

Title: Cryptographic Practice and Access Control Practical Exercise Logbook and Reflection
Report

Type: Coursework

Style: Logbook containing screenshots to demonstrate the commands used to complete the
exercises followed by a 500-word reflection report on the role cryptography and access
control in data security.

Rationale: To achieve the assessed learning outcomes relating to Cryptographic practice

and Access control. Students are required to use cryptography programs and access control
commands to demonstrate their understanding of the tasks specified in the practical
experiments e.g. to create a public and private using OpenSSL and cracking password

Description: Students will complete lab exercises and write these up in a logbook format
containing screenshots and commands to demonstrate the completion of the exercises. This
will be followed by a 500-word report reflecting on the role of cryptography and access
control in securing data. You may consider a situation where an organisation may choose
one technique over the other and then provide arguments to support the justification. You
are encouraged to use a use case that is aligned with the presentation of a guest lecturer
that will discuss the practices that a cyber security company in the West Midlands follows to
secure the data of their customers. You many consider ease of implementation and strength
of the security provided by the particular technique as part of your discussion. Students will
Labs include
• Moodle week 1: lab Use of OpenSSL Commands
• Moodle week 2: lab Simple use of GPG
• Moodle week 5: lab Use of Linux Discretionary Access Control commands
• Moodle week 6: lab Cracking password hash exercise

3
Additional information: The report should be referenced appropriately.

For advice on writing style, referencing and academic skills, please make use of the Centre
for Academic Success: https://icity.bcu.ac.uk/celt/centre-for-academic-success

Workload: Students will complete the 4 lab exercises and write these up in a logbook
format containing screenshots and command transcripts demonstrating completion of
relevant lab exercises. Followed by a 500-word report which reflects on the role
cryptography and access control in securing data.
The screenshots in the report must capture the date and time of when the
screenshot was taken; this should be done by capturing the full screen
showing the calendar displayed by the operating system.

Word Count – Maximum total word count is 2500 words

• Moodle week 1: lab Use of OpenSSL Commands (500 words)

• Moodle week 2 lab Simple use of GPG (500 words)
• Moodle week 5 lab Use of Linux Discretionary Access Control commands (500 words)
• Moodle week 6 lab Cracking password hash exercise (500 words)
• Reflective report (500 words)

The notional hours that a typical student would be expected to take to pass this assignment
should include 30 hours completing recommended reading (see Moodle weeks) and
completing lab exercises, plus 10 hours completing the lab write-up and reflection totalling
40 hours.
Transferable skills:
Time Management and planning, problem solving skills and prioritising workload

4
Marking Criteria
Table of Assessment Criteria and Associated Grading Criteria
Assessment 1. LO2 2. LO2 3. LO1 4. LO2 5. LO1 and LO2
Criteria Covered Covered Covered Covered Covered
→ in in in in in
Lab 1 Lab 2 Lab 5 Lab 6 500-word Report
Weighting: 15% 15% 15% 15% 40%
Grading Unable to utilise Unable to utilise Unable to utilise Unable to utilise Most of the report
Criteria the appropriate the appropriate the appropriate the appropriate is out of context
tools to complete tools to complete tools to complete tools to complete and there is little
0 – 29% the work. Most of the work. Most of the work. Most of the work. Most of understanding of
the tasks are either the tasks are the tasks are the tasks are the purpose of
F
incomplete or done either incomplete either incomplete either incomplete this assessment.
incorrectly or done or done incorrectly or done Reference either
incorrectly incorrectly non-existent or
out of place
30 – 39% Some basic Some basic Some basic Some basic There is limited
E knowledge of the knowledge of the knowledge of the knowledge of understanding of
tools but there are tools but there tools but there the tools but the tasks
there are
sufficient are sufficient are sufficient sufficient required and the
deficiencies in the deficiencies in deficiencies in deficiencies in the wider issues.
execution. the execution. the execution. execution. overall the
Evidences not Evidences not Evidences not Evidences not reports lack
commented or commented or commented or commented or substance. Most
explained correctly explained explained explained correctly of the work was
correctly correctly not referenced
correctly
40 – 49% Knowledge and Knowledge and Knowledge and Knowledge and Enough
D understanding of understanding of understanding of understanding understanding of
some of the tools. some of the some of the of some of the the wider issues
tools.
The student tools. The tools. The The student and
demonstrated student student demonstrated demonstrated the
some demonstrated demonstrated some ability to address
troubleshooting some some troubleshooting some of the
skills and made troubleshooting troubleshooting skills and made challenges
comments on all skills and made skills and made comments on all associated with
the evidences to comments on all comments on all the evidences to the two security
explain their work the evidences to the evidences to explain their work techniques. The
explain their work explain their work referencing was
satisfactory

50 – 59% Fair knowledge of Fair knowledge Fair knowledge Fair knowledge of Fair
C the tools used. The of the tools used. of the tools used. the tools used. understanding of
student The student The student The student the wider issues
demonstrated the demonstrated the demonstrated the demonstrated the and
ability to ability to ability to ability to demonstrated the
troubleshoot troubleshoot troubleshoot troubleshoot ability to address
issues with some issues with some issues with some issues with some some of the
success. success. success. success. challenges
Thoughtful Thoughtful Thoughtful Thoughtful associated with
comment was comment was comment was comment was the two security
made on each made on each made on each made on each techniques.
stage to explain stage to explain stage to explain stage to explain Suitable use of
the work. the work. the work. the work. references
60 – 69% Good knowledge Good knowledge Good knowledge Good knowledge Good
B of the tools and of the tools and of the tools and of the tools understanding of
ability to ability to ability to and ability to the wider issues
troubleshoot errors troubleshoot troubleshoot troubleshoot errors and
was demonstrated. errors was errors was was demonstrated. demonstrated the
More thoughtful demonstrated. demonstrated. More thoughtful ability to address
comments added More thoughtful More thoughtful comments added some of the
5
 on the evidence at comments added comments added on the evidence at challenges
each stage to on the evidence on the evidence each stage to associated with
explain the work at each stage to at each stage to explain the work the two security
explain the work explain the work techniques. All
. work correctly
referenced.

70 – 79% A very good A very good A very good A very good A very good
A knowledge of the knowledge of the knowledge of the knowledge of the understanding of
tools was tools was tools was tools was the work and
demonstrated. The demonstrated. demonstrated. demonstrated. The wider issues was
student completed The student The student student completed demonstrated.
all the tasks and completed all the completed all the all the tasks and The report is well
added well written tasks and added tasks and added added well written written and
comments at each well written well written comments at each effectively
stage to explain comments at comments at stage to explain referenced
their work. each stage to each stage to their work.
explain their explain their
work. work.
80 – 89% Excellent Excellent Excellent Excellent Excellent
A+ knowledge of the knowledge of the knowledge of the knowledge of the understanding of
tools. All required tools. All required tools. All required tools. All required the work and
tasks completed. tasks completed. tasks completed. tasks completed. wider issues. The
Student used Student used Student used Student used report is well
innovative innovative innovative innovative written and
methods to methods to methods to methods to referenced
troubleshoot errors troubleshoot troubleshoot troubleshoot error faultlessly
and resolve issues error and resolve error and resolve and resolve issues
to successful issues to issues to to successful
completion. Very successful successful completion. Very
thoughtful completion. Very completion. Very thoughtful
comments were thoughtful thoughtful commented were
added to the commented were commented were added to the
evidence at each added to the added to the evidence at each
stage supported by evidence at each evidence at each stage supported by
excellent standard stage supported stage supported excellent standard
of writing. by excellent by excellent of writing.
standard of standard of
writing. writing.
90 – 100% A highly innovative A highly A highly A highly innovative Outstanding
A* and outstanding innovative and innovative and and outstanding report that
knowledge of the outstanding outstanding knowledge of the capture all the
tools was knowledge of the knowledge of the tools was key issues. The
demonstrated. tools was tools was demonstrated. two security
Everything was demonstrated. demonstrated. Everything was techniques were
completed in an Everything was Everything was completed in an compared
outstanding way completed in an completed in an outstanding way thoroughly, and a
including the outstanding way outstanding way including the clear argument
comments used to including the including the comments used to was provided to
explain the comments used comments used explain the justify the
evidences to explain the to explain the evidences. decision.
evidences evidences

6
Submission Details:

Format: To be saved and uploaded to correct Moodle submission point as a single word-
processed document or in PDF format. Unreadable formats will not be marked.

Regulations:

• The minimum pass mark for a module is 40%

• Re-sit marks are capped at 40%

Full academic regulations are available for download using the link provided above in the IMPORTANT
STATEMENTS section

Late Penalties
If you submit an assessment late at the first attempt then you will be subject to one of the
following penalties:

• if the submission is made between 1 and 24 hours after the published deadline the
original mark awarded will be reduced by 5%. For example, a mark of 60% will be
reduced by 3% so that the mark that the student will receive is 57%. ;
• if the submission is made between 24 hours and one week (5 working days) after
the published deadline the original mark awarded will be reduced by 10%. For
example, a mark of 60% will be reduced by 6% so that the mark the student will
receive is 54%.

• if the submission is made after 5 days following the deadline, your work will be
deemed as a fail and returned to you unmarked.

The reduction in the mark will not be applied in the following two cases:
• the mark is below the pass mark for the assessment. In this case the mark achieved
by the student will stand
• where a deduction will reduce the mark from a pass to a fail. In this case the mark
awarded will be the threshold (i.e.40%)
Please note:
• If you submit a re-assessment late then it will be deemed as a fail and returned
to you unmarked.

7
Feedback:

Marks and Feedback on your work will normally be provided within 20 working days of its
submission deadline via Moodle.

Where to get help:

Please refer to Moodle for additional surgery times

Students can get additional support from the library for searching for information and
finding academic sources. See their iCity page for more information:
http://libanswers.bcu.ac.uk/

The Centre for Academic Success offers 1:1 advice and feedback on academic writing,
referencing, study skills and maths/statistics/computing. See their iCity page for more
information: https://icity.bcu.ac.uk/celt/centre-for-academic-success

See also the My Assignment Planner tool: http://library.bcu.ac.uk/MAP2/freecalc-mail/

Fit to Submit:
Are you ready to submit your assignment – review this assignment brief and consider
whether you have met the criteria. Use any checklists provided to ensure that you have
done everything needed.

You should complete the 4 lab exercises and write these up in a logbook format containing
screenshots and command transcripts demonstrating completion of relevant lab exercises.

Write a 500-word report which reflects on the role cryptography and access control in
securing data.