Prerequisite Modules
Description
This module provides a comprehensive
introduction to system security and cryptography, including
cryptographic and steganography algorithms, systems security and
malware, and threat management.
Aims
The rate at which new technological
innovations such as file sharing software and location based tracking
tools are changing is dizzying. These changes have major security,
political, economical and social implications. As a result of
connectivity and the blistering pace of change, computing usage
nowadays is adversely affected by computer viruses, worms, spyware,
poorly designed software and inadequate technology laws. These
problems are further aggravated by our lack of basic knowledge and
understanding of security and its implications. In some cases this has
led to suffocation in technological advancement.
Security, privacy, protection from
viruses, worms and spyware are the cornerstones of system integrity.
Recently awareness of security policies and audit control and
compliance have come into light as being other forgotten pieces in the
ever widening security jigsaw. The aim of this course is to provide a
detailed understanding of the issues involved in providing systems
security. Further, the course will describe, critically analyze and
discuss the security challenges faced by the society and the computing
industry. It will elaborate and demonstrate the role of security in
design, implementation and deployment of knowledge based systems in
organisations.
Learning Outcomes
On successful completion of this
module, the student will be able to
-
Describe the underlying principles
of different cryptography and steganography algorithms.
-
Evaluate the effectiveness of
cryptography algorithms according to well known security
requirements.
-
Recognise and justify the
different scenarios of deploying cryptography and steganography
algorithms.
-
Define and describe network
security,
-
Discuss and relate the fundamental
concepts of Security,
-
Classify and analyse the nature
and threat from viruses, worms, spyware,
-
Design and develop best practice
techniques of security,
-
Formulate security policy of an
organisation,
-
Critically analyze different
aspects of security such as policies and auditing process,
-
Assess security compliance of an
organisation
-
Compare and contrast international
and regional security standards.
Learning and Teaching Methods
Lectures, self-study, labs,
tutorials, and any combination of discussion, case study,
problem-solving exercises, readings, seminars, and computer-based
learning.
Content
Introduction to system security
and cryptography
Conventional Encryption:
Classical Techniques, Modern Techniques, Algorithms, Confidentiality
Using Conventional Encryption.
Public-Key Encryption and hash
Functions: Public-Key Cryptography,
Introduction to Number Theory, Message Authentication and Hash
Functions, Hash and Mac Algorithms, Digital Signatures and
Authentication Protocols.
Network Security Practice:
Authentication Applications, Electronic Mail Security, IP Security,
Web Security.
System Security:
Intruders, Viruses, and Worms, Firewalls, Types of Firewalls, The
Dual-Homed Gateway, The Screened Host Gateway, Other Firewall
Topologies.
Assessment
The methods of assessment to be
used to measure the learning objectives stated above are written
examination and continuous assessment including one or more of
assignment, essay, problem-solving exercise, oral presentation, and
class or lab tests.
-
Continuous Assessment: 30%
-
Examination: 70%
Recommended
Reading
-
Bruce Schneier, 1996, Applied
Cryptography: Protocols, Algorithms, and Source Code in C, John
Wiley & Sons. Inc.
-
William Stallings, 2005,
Cryptography and Network Security: Principles and Practice, 5th ed,
Prentice Hall
-
Seymour Bosworth, M.E. Kabay,
2002, Computer Security Handbook, John Wiley & Sons. Inc.
-
Raymond R. Panko, 2004, Corporate
Computer and Network Security, Prentice hall
-
Data and Computer Communications,
2000, W. Stallings, 6th Edition, Prentice Hall.
-
Seymour Bosworth and M.E. Kabay,
2002, Computer Security Handbook, John Wiley & Sons. Inc.
-
Andrew Lockhart, 2004, Network
Security Hacks 100 Industrial-Strength Tips & Tools, O'Reilly
-
Bruce Schneier, 2004, Secrets and
Lies: Digital Security in a Networked World, Hungry Minds Inc
-
IEEE Security & Privacy
-
ACM Transactions on Information
and System Security (TISSEC)
-
http://www.sans.org/rr/
|
|
For more information contact
Ciarán O'Leary
|
Home