University of Malta
 

Study-Unit Description


CODE CIS3041

 
TITLE Security, Quality and Risk Issues in I.S.

 
LEVEL 03 - Years 2, 3, 4 in Modular Undergraduate Course

 
ECTS CREDITS 6

 
DEPARTMENT Computer Information Systems

 
DESCRIPTION Operating system security: Writing secure applications; Proactive Security Development Processes.
Threat Modelling; Secure Coding Techniques; Least Privileges & Access Control (Linux, Unix, XP, Vista);
Input Issues; Secure Software Installation;
Securing RPC, ActiveX and DCOM; Securing .NET code.

Internet security: security concerns in Email, USENET, RSS and the Web;
Cross-Site Scripting Attacks; Cryptography & Attacks on Web Services;
User Input Attacks; Client Vulnerabilities;
State-based Attacks; Server Attacks;
Denial of Service & DDOS Attacks; Threats of Malicious Software and its Removal.

Security Testing & Mitigating Problems.

Quality Management Issues;
Quality Standards BS5750, ISO9001, TickIt;
Quality Planning and Review Issues and configuration management;
Quality Systems for software;
The quality elements for ISO9001.

Introduction to Project Risk Management;
Risk administration techniques;
Risk identification activities;
Risk quantification and impact estimation;
Risk prioritizing and filtering;
Risk mitigation strategies;
The SERIM and RISKMAN methodologies.

Textbooks:
• Mike Andrews & James A. Whittaker, How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, Addison-Wesley Professional, ISBN-10: 0321369440, ISBN-13: 978-0321369444.
• Michael Howard & David C. LeBlanc, Writing Secure Code, Second Edition, Microsoft Press, ISBN-10: 0735617228, ISBN-13: 978-0735617223.
• William Stallings, Cryptography and Network Security: Principles and Practices (3rd ed.), Prentice-Hall, ISBN: 0-13-091429-0.
• USENET FAQs at http://www.faqs.org.
• Karolak P., Software Engineering Risk Management, Wiley-IEEE Computer Society Press.
• Carter B., Introducing RISKMAN Methodology, NCC Blackwell.
• Oskarsson O., ISO9000 Approach to building quality software, Prentice Hall.
• Bentley C., Quality Management within Prince, Stationery Office Books.

 
ADDITIONAL NOTES Students taking this study-unit require expertise in CIS.

 
STUDY-UNIT TYPE Lecture

 
METHOD OF ASSESSMENT
Assessment Component/s | Resit Availability | Weighting
Examination (3 Hours) | Yes | 100%

 
LECTURER/S Clyde Meli
Anthony Spiteri Staines

 
The University makes every effort to ensure that the published Courses Plans, Programmes of Study and Study-Unit information are complete and up-to-date at the time of publication. The University reserves the right to make changes in case errors are detected after publication.
The availability of optional units may be subject to timetabling constraints.
Units not attracting a sufficient number of registrations may be withdrawn without notice.
It should be noted that all the information in the study-unit description above applies to the academic year 2017/8, if the study-unit is available during this academic year, and may be subject to change in subsequent years.