Study-Unit Description



CODE CIS3041

 
TITLE Security, Quality and Risk Issues in I.S.

 
UM LEVEL 03 - Years 2, 3, 4 in Modular Undergraduate Course

 
MQF LEVEL 6

 
ECTS CREDITS 6

 
DEPARTMENT Computer Information Systems

 
DESCRIPTION Operating system security: Writing secure applications; Proactive Security Development Processes.
Threat Modelling; Secure Coding Techniques; Least Privileges & Access Control (Linux, Unix, XP, Vista);
Input Issues; Secure Software Installation;
Securing RPC, ActiveX and DCOM; Securing .NET code.

Internet security: security concerns in Email, USENET, RSS and the Web;
Cross-Site Scripting Attacks; Cryptography & Attacks on Web Services;
User Input Attacks; Client Vulnerabilities;
State-based Attacks; Server Attacks;
Denial of Service & DDOS Attacks; Threats of Malicious Software and its Removal.

Security Testing & Mitigating Problems.

Quality Management Issues;
Quality Standards BS5750, ISO9001, TickIt;
Quality Planning and Review Issues and configuration management;
Quality Systems for software;
The quality elements for ISO9001.

Introduction to Project Risk Management;
Risk administration techniques;
Risk identification activities;
Risk quantification and impact estimation;
Risk prioritizing and filtering;
Risk mitigation strategies;
The SERIM and RISKMAN methodologies.

Textbooks:
• Mike Andrews & James A Whittaker, How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, Addison-Wesley Professional, ISBN-10: 0321369440, ISBN-13: 978-0321369444.
• Michael Howard & David C. LeBlanc, Writing Secure Code, Second Edition, Microsoft Press, ISBN-10: 0735617228, ISBN-13: 978-0735617223.
• William Stallings, Cryptography and Network Security: Principles and Practices (3rd ed), Prentice-Hall, ISBN: 0-13-091429-0.
• USENET FAQs at http://www.faqs.org.
• Karolak P., Software Engineering Risk Management, Wiley-IEEE Computer Society Press.
• Carter B., Introducing RISKMAN Methodology, NCC Blackwell.
• Oskarsson O., ISO9000 Approach to building quality software, Prentice Hall.
• Bentley C., Quality Management within Prince, Stationery Office Books.

 
ADDITIONAL NOTES Students taking this study-unit require expertise in CIS.

 
STUDY-UNIT TYPE Lecture

 
METHOD OF ASSESSMENT
Assessment Component/s | Sept. Asst Session | Weighting
Examination (3 Hours) | Yes | 100%

 
LECTURER/S Clyde Meli
Anthony Spiteri Staines

 

 
The University makes every effort to ensure that the published Courses Plans, Programmes of Study and Study-Unit information are complete and up-to-date at the time of publication. The University reserves the right to make changes in case errors are detected after publication.
The availability of optional units may be subject to timetabling constraints.
Units not attracting a sufficient number of registrations may be withdrawn without notice.
It should be noted that all the information in the description above applies to study-units available during the academic year 2023/4. It may be subject to change in subsequent years.
