Learning Objectives

Define cybersecurity principles: authenticity, confidentiality, and anonymity
Describe potential threats to authenticity, confidentiality, and anonymity
Understand security threats to web applications and how to mitigate them
Understand the purpose and use of JavaScript Web Tokens to implement a stateless user authentication method for a web server

Activity

This level was implemented in the course of Computer Systems. A small web server that can store and serve files is built as a part of the project. Student then apply the cybersecurity concepts they have studied by implementing a stateless authentication via JWT to authenticate the users. This involves the steps of authentication (via username and password), the creation of a signed JWT token with expiration date, and returning said token to the requesting client. On subsequent requests, the token will be presented by the client and must be checked by the server for validity based on a digital signature and whether the token has expired. Thus, through thisactivity, students gained sufficient skills to develop a web application that ensures authenticity and confidentiality. Click activity content to access the slides and activities associated of level 4.

Surveys

A pre-test was conducted before the sessions were organized. Both the pre and post-tests were structured to capture the students’ demographic information, their perception of the learning objectives, the extent to which they consider the course to be useful and interesting. Besides, their grasp of the concepts was tested with some content questions relevant to the module. Ultimately, an analysis of the test results helped us evaluate the effectiveness of cybersecurity project. Click Pre Survey and Post Survey to download the pdf documents of the survey

Results

About 155 students have taken the Level 4 pre and post surveys
Students agree that the learning objectives for the levels were met
More information can be obtained from the SIGCSE paper