Please note: you are viewing unit and programme information
for a past academic year. Please see the current academic year for up to date information.
| Unit name |
Systems Security |
| Unit code |
COMSM1500 |
| Credit points |
10 |
| Level of study |
M/7
|
| Teaching block(s) |
Teaching Block 1 (weeks 1 - 12)
|
| Unit director |
Professor. Theo Tryfonas |
| Open unit status |
Not open |
| Pre-requisites |
None
|
| Co-requisites |
None
|
| School/department |
Department of Computer Science |
| Faculty |
Faculty of Engineering |
Description including Unit Aims
Information security is a broad field, encompassing many concepts and methodologies. The aim of this unit is to introduce principles of security design and analysis at the system level; it acts to equip students with industry standard skills relating to management of information and data processing systems (e.g., e-commerce data centres).
The syllabus will include aspects of (but is not limited to):
- Authentication and Access control: challenge-response; passwords; two-factor authentication; biometrics; formal models (e.g., BLP, MLS, RBAC).
- Network security: Kerberos; IPSEC/SSL/TLS; digital certificates and PKI; firewalls.
- Malware and exploitation: viruses, worms and Trojan horses; SQL injection; DLL injection; phishing; social engineering.
- Intrusion detection and digital forensics: intrusion detection; honeypots and honeynets; e-crime, evidence acquisition and evidential integrity; media examination techniques and forensic testimony.
- Risk management and security auditing: security standards and certification (e.g., ISO27000); threat assessment and risk analysis methods; IT audit and compliance.
Intended Learning Outcomes
Upon successful completion of this unit, you will have gained
- a good understanding of basic principles of information systems security design,
- the ability to identify risks related to the use of information technology/data processing,
- an appreciation for tools and technologies that may be used to mitigate risks.
Teaching Information
20 hours of lectures.
Assessment Information
30% via coursework assignment(s), 70% via examination.
The coursework assignment(s) for this unit are intended to represent in depth, self-directed learning relating to one or more state-of-the-art topics in system security; assessment is via a written report and/or oral presentation.
Reading and References
- C.P. Pfleeger and S.L. Pfleeger. Security in Computing. Prentice Hall, 2006. ISBN: 978-0132390774.
- R. Anderson. Security Engineering. John Wiley & Sons, 2008. ISBN: 978-0470068526.
- D. Gollmann. Computer Security. Wiley, 2010. IBSN: 978-0470862933.
- G. Dhillon. Principles of Information Systems Security. Wiley, 2006. IBSN: 978-0471450566.
