| CODE | CIS3202 | ||||||||
| TITLE | Security and Information Assurance | ||||||||
| UM LEVEL | 03 - Years 2, 3, 4 in Modular Undergraduate Course | ||||||||
| MQF LEVEL | 6 | ||||||||
| ECTS CREDITS | 5 | ||||||||
| DEPARTMENT | Computer Information Systems | ||||||||
| DESCRIPTION | The issue of security and information assurance spans practically all domains of Information Systems development:. The unit will create an awareness of security aspects in various domains related to Information Systems: Human-Computer Interaction, Information Management, Programming and Systems Integration, Networking and platform technologies, Web Systems, system administration, Social and Professional Issues. A historical analysis of the field of IAS will be followed by the various forms of threats arising from: - Different types of perpetrators: internal or external attacks, white hat or black hat hackers; - Threats through ignorance, carelessness; - Vulnerabilities arising during from various stages of hardware or software during design, coding, layers, installation. Risks associated with physical access; - Threats from malware (viruses, Trojan horses, worms), denial of service, protocol attacks, active and passive attacks, buffer overflow attacks and social engineering, different vulnerabilities of information in specific states of transmission, storage and processing. A number of security mechanisms will be covered including Mitigation and Removal of Malware, Cryptography and Cryptosystems, basic Cryptanalysis, Caesar Cyphers, Brute Force Search Cryptanalysis, Cribs and Attacks, DES, Triple-DES, AES, Private Key Cryptosystems, Symmetric Cryptosystems, Product and block Ciphers, keys, implementation, methods of authentication including bio-authentication, detection of intrusion and building in redundancy, Mandatory vs Discretionary Access Control, Trusted Computer Base and Reference Monitor. Accountability and Auditing of Security Events. Other non-IT based mechanisms will also be covered. The unit will include an overview of web related security services. The role of integrity, confidentiality, availability, authentication and non-repudiation as security services, the role of cryptographic encryption and one-way functions in ensuring confidentiality in document transfer, authentication and non-repudiation. The topic on security measures will also include how an organizational policy on IAS and procedures can be created, as well as how to keep them updated. The unit will include topics on management and economic issues related to the maintenance of security and assurance systems: cost/benefit analysis,.legal issues, standards, enforcement, asset management, disaster recovery. The unit will cover Assurance Mechanisms , the Operational Assurance and the Life-Cycle Assurance, Continuous Protection Assurance, the Common Criteria International Standard: Security Assurance Requirements, Evaluation Assurance Level. The role of forensics in information systems will be discussed through an awareness of different legal systems, how digital forensics fits in within the broader forensic discipline, rules of evidence, purpose of search and seizure, use of digital evidence and basic media analysis. The discussion will include procedures on how to handle a incident requiring forensic intervention. Study-unit Aims: This study-unit aims to introduce the concepts of information security and assurance and develop an overall understanding of these issues in all the elements of computer based systems – hardware, software, information, networks and in various stages of their development and use. Learning Outcomes: 1. Knowledge & Understanding: By the end of the study-unit the student will be able to: - Explain the role of security in information management, networking, platform section and operation, systems administration, systems administration, web systems and physical plant; - Explain what white hat, black hat, hacker and cracker mean., how culture, community, tools and technologies contribute to compromising systems. Understand the difference and similarity of internal and external attacks. Understand how different IT system components (servers, routers, people, software) can be vulnerabilities, threats and countermeasures; - Explain the relationship between the security services and the different information states; - Identify different forms of threats and attacks through different forms of malware, denial of service, different protocol attacks, active and passive attacks, buffer overflow attack and social engineering techniques; - Identify threats and vulnerabilities to an organization’s network and recognise how security incidents on the Internet occur; - Explain what is integrity, confidentiality and authentication, the role of cryptosystems ,public key infrastructure, digital signatures and certificates in this context; - Explain cryptography with respect to Unix password encipherment and cryptographic salt; - Explain the role of security services and their availability, integrity, confidentiality, authentication, non-repudiation; - Explain the "Need to Know Principle" and the Security Kernel; - Explain and demonstrate what is involved in incident tracking, the development of an incident handling and reporting strategy, the risks associated with disasters or disruptions and the specification of key mitigation strategies; - Describe how a business may be impacted by a security breach or interruption of operation, the financial losses. Identify the elements contributing to the cost of an organization’s security management and operations process and their relation to the risks and losses associated with information assurance or security related issues and incidents; - Depict the importance of using standards and key standard processes in information assurance and their areas of relevance, the use and elements of key types of security audits; - Comprehend Security Standards and Principles, including RFC2196, Orange Book and C2 Certification; - Identify how policies and procedures in Information Assurance can be important countermeasures, why all aspects of an organization must be considered in order for a security policy to be effective and how poorly defined and executed policies can be a vulnerability; - Explain and describe the role of forensics and when a forensic investigation would be necessary and what procedures would be required and how failure to follow good forensic procedures can make prosecution impossible. 2. Skills: By the end of the study-unit the student will be able to: - Give examples of how IT system components can be countermeasures, vulnerabilities and threats; - Outline the system life-cycle and its relationship to security; - Describe different information states, related vulnerabilities and security mechanisms; - Differentiate between different types of hackers, internal and external attacks, different attack methodologies; - Explain how the working environment (people, culture, tools and technologies) can contribute to security problems; - Explain how different stages in the life cycle of hardware and software systems can give rise to vulnerabilities and threats. Identify different threats to and vulnerabilities of an organization’s network; - Use different security measures and technologies to counter different threats to information systems; - Mitigate and remove Malware such as Viruses, Worms and Trojans, some of which use vulnerabilities to propagate; thus the importance of updating software including the OS; - Demonstrate differences in efficiency and performance between software and hardware based cryptosystems; - Perform best practices in programming that can prevent security flaws. Start to be able to code programs in a more secure manner; - Identify how a business may be impacted by a security breach or operational interruption, describe the elements of a company assets to be protected by a security plan, and identify the key elements of a physical site security; - Identify legal and ethical issues related to handling and management of enterprise information assets; - Administer digital forensics in systems security. Main Text/s and any supplementary readings: - C.P. Fleeger, Security in Computing, 3rd edition, Prentice-Hall Inc. NJ. 2003 ISBN 0-13-146913-4 - Rogue Programs: Viruses, Worms, and Trojan Horses by Lance J Hoffman, A J Hoffman VNR Computer Library ISBN0-442-00454-0 |
||||||||
| ADDITIONAL NOTES | Students taking this study-unit need to have a technical background | ||||||||
| STUDY-UNIT TYPE | Lecture and Independent Study | ||||||||
| METHOD OF ASSESSMENT |
|
||||||||
| LECTURER/S | Colin Layfield Clyde Meli |
||||||||
|
The University makes every effort to ensure that the published Courses Plans, Programmes of Study and Study-Unit information are complete and up-to-date at the time of publication. The University reserves the right to make changes in case errors are detected after publication.
The availability of optional units may be subject to timetabling constraints. Units not attracting a sufficient number of registrations may be withdrawn without notice. It should be noted that all the information in the description above applies to study-units available during the academic year 2023/4. It may be subject to change in subsequent years. |
|||||||||