First Cycle - Faculty of Engineering - Computer Engineering (English)
Y : Year of Study S : Semester
Course Unit Code | Course Unit Title | Type of Course | Y | S | ECTS
CSE4057 | Information Systems Security | Compulsory | 4 | 7 | 5
Objectives of the Course
This course provides fundamentals of information systems security.
Learning Outcomes
1 Consider and analyze the impact of Information Systems security on organizations and society
2 Use the internet to review current research efforts in Information Systems security
3 Experience current Information Systems security methods by hands-on use of current Information Systems security tools and techniques
4 Undertake a review of Information Systems security practice techniques and methods for securing an organization's information assets
5 Examine and use current methodologies for Information Systems security design and implementation
6 Understand and apply the concepts and theory underlying Information Systems security
Mode of Delivery
Formal Education
Recommended Optional Programme Components
None
Course Contents
The course first deals with fundamental security concepts. It then covers specific security contexts, technologies and practices, along with the broader implications and ramifications of these practices.
Weekly Detailed Course Contents
Week | Theoretical | Practice | Laboratory
1 | Introduction: Definitions, history of security, current concerns, IS security participants, and implications of IS security.
2 | IS Security Management: Introduction to principles of IS security management, roles of IS security personnel, security methods.
3 | Risk Analysis and Management: Key principles, management’s role, standards, introduction to Risk Management Software Tool.
4 | Contingency and Continuity Planning: Key concepts, development of disaster recovery and business continuity plans, risk assessment, business impact assessment, recovery strategies and common pitfalls.
5 | Logical Security and Physical Security: Logical and physical data security criteria, input controls, database controls, security policies and mechanisms, physical security criteria, access controls, preventive, detective and corrective measures.
6 | Internet Security: Exposures and threats, approaches to attack and penetration (domain name and route analysis), exploitation, case study and demonstration, trends.
7 | Cryptography, PKI, Digital Signatures, Gateway Security: Terms, types of attack, protecting against attacks, authentication methods, security policy, technical solutions (firewalls, encryption).
8 | Midterm Exam
9 | E-Commerce (B2B) Security: Types of e-commerce, SET, PKI, digital certificates, authentication (NCSA, HTML, user, cookies, SSL, digital certificates, two factor and biometrics), creating security infrastructures for e-commerce.
10 | Operating Systems Security: Operating system overview, methods of OS security, evaluation of OS security, comparison of UNIX and Microsoft NT.
11 | Database Security: Review of databases, access control, authorization, integrity, security mechanisms.
12 | Legal Issues: Protection of computer assets, copyright, computer abuse, legal aspects of privacy, legal agreements, admissibility of computer evidence in court, laws governing computers, negligence, and management implications.
13 | Ethical Issues: Privacy and surveillance and implications for IS security, IS professional obligations.
14 | Student Presentations
15 | Emerging Trends: Biometrics: Key concepts, types and uses, procedure and examples, key issues with use (acceptance, acceptability, accuracy, cost and ethics).
16 | Final Exam Study
17 | Final Exam
Recommended or Required Reading
Research papers from information systems and information systems security journals (Computer and Security, Journal of Management Information Systems).
Practitioner articles from professional journals and industry magazines (CIO, IT Professional).
Planned Learning Activities and Teaching Methods
Lecture Notes, slides, student presentations
Assessment
Assessment | Quantity | Weight
Term (or Year) Learning Activities | | 60
End Of Term (or Year) Learning Activities | | 40
Total | | 100
Term (or Year) Learning Activities | Quantity | Weight
Midterm Exam | 1 | 50
Project | 1 | 30
Homework Exam | 2 | 20
Total | | 100
End Of Term (or Year) Learning Activities | Quantity | Weight
Final Exam | 1 | 100
Total | | 100
Language of Instruction
Language Codes
Work Placement(s)
None
Workload Calculation
Activities | Number | Time (hours) | Total Work Load (hours)
Theoretical | 14 | 3 | 42
Pre Class Self Study | 14 | 1 | 14
Post Class Self Study | 14 | 1 | 14
Midterm Preparation | 1 | 9 | 9
Final Preparation | 1 | 15 | 15
Home Work | 2 | 8 | 16
Research Presentation | 1 | 15 | 15
Total | 47 | 52 | 125
Contribution of Learning Outcomes to Programme Outcomes
PO 1PO 2PO 3PO 4PO 5PO 6PO 7PO 8PO 9PO 10PO 11PO 12PO 13PO 14PO 15PO 16
LO 10000000000000000
LO 20000000000000000
LO 30000000000000000
LO 40000000000000000
LO 50000000000000000
