GCO4831 Information and network security - Semester 2 , 2006 unit guide

Semester 2, 2006

Chief Examiner

Dr. Joarder Kamruzzaman

Lecturers

Gippsland : Dr. Joarder Kamruzzaman

Outline

OSI security architecture, security requirements, cryptography, digital signatures, certificates, security services, security standards and protocols, network security applications, system security, wireless security, latest trends in security and security ethics.

 

Objectives

The student will be able to:

Students should be able to:

  • describe OSI security architecture;
  • describe common security standards and protocols for network security applications, e.g., electronic mail, web security and network management;
  • understand common information risks and requirements;
  • explain the operation of conventional and public-key encryption techniques;
  • describe the concepts and techniques for digital signatures, authentication and non-repudiation;
  • understand with security threats in wireless and mobile communication.

 

Attitudes, Values and Beliefs

Students will be able to:

  • appreciate the need for the digital certificates and public key infrastructure;
  • appreciate the importance of system security against intruders and malicious software using firewalls;
  • appreciate the relevance of privacy and ethical issues related to organizations and individuals.

 

Practical Skills

The students should be able to:

  • apply simple security configurations to PC based applications, e.g., email, Internet, computer administration;
  • design information systems with security compliance.

 

Prerequisites

Before attempting this unit you must have satisfactorily completed 9802 - Computer Systems. You should have knowledge of Computer systems organization and OSI model for data communication.

Unit relationships

GCO4831 is an elective unit in the MAIT degree. It does not have any prohibition, but you may not study this unit if you have previously done CPE3001 (70% overlap but no other security unit prohibition), CPE2007 (70% overlap with CPE3001 and CSE2500 as prohibitions), CSE3206 (55% overlap with no other security unit prohibitions) in your degree.

Texts and software

Required text(s)

Prescribed Text

  • S. William, "Network Security Essentials - Applications and Standards", Second Edition, Prentice Hall, 2003.
Reference Text
  • O. Poole, "Network Security - A Practical Guide", Butterworth Heinemann, 2003.

 

Textbook availability

Text books are available from the Monash University Book Shops. Availability from other suppliers cannot be assured. The Bookshop orders texts in specifically for this unit. You are advised to purchase your text book early.

Software requirements

The software used in this unit is available in public domain. The software is PGP encryption software which is available at:

http://www.pgpi.org/products/pgp/versions/freeware/win32/6.5.8/

and

http://www.gnupp.com/software.html

 

Software may be:

  • downloaded from http://www.gnupp.com/software.html

Hardware requirements

Students studying off-campus are required to have the minimum system configuration specified by the Faculty as a condition of accepting admission, and regular Internet access. On-campus students, and those studying at supported study locations may use the facilities available in the computing labs. Information about computer use for students is available from the ITS Student Resource Guide in the Monash University Handbook. You will need to allocate up to 5 hours per week for use of a computer, including time for newsgroups/discussion groups.

Recommended reading

Recommedded Text

  • J. H. Allen, "The CERT Guide to System and Network Security Practices", Addison-Wesley, 2001.
  • M. Kaeo, "Designing Network Security : A Practical Guide to Creating a Secure Network Infrastructure", Cisco Press, 2004.
  • R. Oppliger, "Security Technologies for the World Wide Web", Artech House, 2003.

 

Library access

You may need to access the Monash library either personally to be able to satisfactorily complete the subject.  Be sure to obtain a copy of the Library Guide, and if necessary, the instructions for remote access from the library website.

Study resources

Study resources for GCO4831 are:

Structure and organisation

Week Topics Study Guide References/Readings Key Dates
1 OSI Security Architecture SG1 Ch. 1 of Text book by Stalling, W
2 Symmetric Encryption SG2 Ch. 2 of text book
3 Asymmetric Encryption SG3 Ch. 3 of text book
4 Authentication Applications SG4 Ch. 4 of text book
5 Electronic Mail Security SG5 Ch. 5 of text book
6 Web Security SG6 Ch. 7 of text book August 25, 2006
7 Wireless Security SG7 Web resources
8 Network Management SG8 Ch. 8 of text book
9 Intrusion Detection and Response SG9 Ch. 9 of text book
10 Malicious Software Attack SG10 Ch. 10 of text book
Non teaching week
11 Firewall Defence SG11 Ch. 11 of text book October 5, 2006
12 Privacy and Anonymity SG12 Web resources
13 Revision

Timetable

The timetable for on-campus classes for this unit can be viewed in Allocate+

Assessment

Assessment weighting

Assessment for the unit consists of 2 assignments with a weighting of 40% and an examination with a weighting of 60%. Read this section VERY carefully.

Details of assignments with due dates will be posted on the unit website. The due dates are the followings:

Assignment 1 (20%) Due date: August 25, 2006
Assignment 2 (20%) Due date: October 6, 2006

The examination will have the following format:

Examination of duration of three hours (60%)
No books or papers are permitted in the examination (closed book examination). Students must obtain satisfactory marks in the examination to obtain an overall pass in the unit.

Assessment Policy

To pass this unit you must:

obtain at least 40% in each assessment component.

Your score for the unit will be calculated by:

The final grade will be calculated as follows:

Final grade = min (A+10, E+10, E*R+A*(1–R))
Where A = overall assignment percentage
E = examination percentage
R = exam weighting (0.6)

 

Assessment Requirements

Assessment Due Date Weighting
Assignment 1 August 25, 2006 20%
Assignment 2 October 6, 2006 20 %
The exam is 3 hours long and is closed book. Exam period (S2/06) starts on 23/10/06 60 %

Assignment specifications will be made available http://www.gscit.monash.edu.au/units/2006/sem2/gco4831/assignments/.

Assignment Submission

Assignments needs to be submitted electronically at http://wfsubmit.its.monash.edu.au.

Extensions and late submissions

Late submission of assignments

It is your responsibility to structure your study program around assignment deadlines, family, work and other commitments. Factors such as normal work pressures, vacations, etc. are seldom regarded as appropriate reasons for granting extensions.


This policy is strict because comments or guidance will be given on assignments as they are returned, and sample solutions may also be published and distributed, after assignment marking or with the returned assignment. 

Extensions

It is your responsibility to structure your study program around assignment deadlines, family, work and other commitments. Factors such as normal work pressures, vacations, etc. are seldom regarded as appropriate reasons for granting extensions. 

Assignments submitted after the due date will be accepted only in exceptional circumstances. If an assignment will be late, it is necessary to contact the unit adviser at least 2 days before the due date. You may be required to provide documentation to support a request for late submission.

Grading of assessment

Assignments, and the unit, will be marked and allocated a grade according to the following scale:

Grade Percentage/description
HD High Distinction - very high levels of achievement, demonstrated knowledge and understanding, skills in application and high standards of work encompassing all aspects of the tasks.
In the 80+% range of marks for the assignment.
D Distinction - high levels of achievement, but not of the same standards. May have a weakness in one particular aspect, or overall standards may not be quite as high.
In the 70-79% range.
C Credit - sound pass displaying good knowledge or application skills, but some weaknesses in the quality, range or demonstration of understanding.
In the 60-69% range.
P Pass acceptable standard, showing an adequate basic knowledge, understanding or skills, but with definite limitations on the extent of such understanding or application. Some parts may be incomplete.
In the 50-59% range.
N Not satisfactory failure to meet the basic requirements of the assessment.
Below 50%.

Assignment return

We will aim to have assignment results made available to you within two weeks after assignment receipt.

Feedback

Feedback to you

You will receive feedback on your work and progress in this unit. This feedback may be provided through your participation in tutorials and class discussions, as well as through your assignment submissions. It may come in the form of individual advice, marks and comments, or it may be provided as comment or reflection targeted at the group. It may be provided through personal interactions, such as interviews and on-line forums, or through other mechanisms such as on-line self-tests and publication of grade distributions.

Feedback from you

You will be asked to provide feedback to the Faculty through a Unit Evaluation survey at the end of the semester. You may also be asked to complete surveys to help teaching staff improve the unit and unit delivery. Your input to such surveys is very important to the faculty and the teaching staff in maintaining relevant and high quality learning experiences for our students.

And if you are having problems

It is essential that you take action immediately if you realise that you have a problem with your study. The semester is short, so we can help you best if you let us know as soon as problems arise. Regardless of whether the problem is related directly to your progress in the unit, if it is likely to interfere with your progress you should discuss it with your lecturer or a Community Service counsellor as soon as possible.

Plagiarism and cheating

Plagiarism and cheating are regarded as very serious offences. In cases where cheating  has been confirmed, students have been severely penalised, from losing all marks for an assignment, to facing disciplinary action at the Faculty level. While we would wish that all our students adhere to sound ethical conduct and honesty, I will ask you to acquaint yourself with Student Rights and Responsibilities and the Faculty regulations that apply to students detected cheating as these will be applied in all detected cases.

In this University, cheating means seeking to obtain an unfair advantage in any examination or any other written or practical work to be submitted or completed by a student for assessment. It includes the use, or attempted use, of any means to gain an unfair advantage for any assessable work in the unit, where the means is contrary to the instructions for such work. 

When you submit an individual assessment item, such as a program, a report, an essay, assignment or other piece of work, under your name you are understood to be stating that this is your own work. If a submission is identical with, or similar to, someone else's work, an assumption of cheating may arise. If you are planning on working with another student, it is acceptable to undertake research together, and discuss problems, but it is not acceptable to jointly develop or share solutions unless this is specified by your lecturer. 

Intentionally providing students with your solutions to assignments is classified as "assisting to cheat" and students who do this may be subject to disciplinary action. You should take reasonable care that your solution is not accidentally or deliberately obtained by other students. For example, do not leave copies of your work in progress on the hard drives of shared computers, and do not show your work to other students. If you believe this may have happened, please be sure to contact your lecturer as soon as possible.

Cheating also includes taking into an examination any material contrary to the regulations, including any bilingual dictionary, whether or not with the intention of using it to obtain an advantage.

Plagiarism involves the false representation of another person's ideas, or findings, as your own by either copying material or paraphrasing without citing sources. It is both professional and ethical to reference clearly the ideas and information that you have used from another writer. If the source is not identified, then you have plagiarised work of the other author. Plagiarism is a form of dishonesty that is insulting to the reader and grossly unfair to your student colleagues.

Communication

Communication methods

You can communicate to the lecturer by email, phone, fax etc, or you can see him during the consultation hour. The details are below:

Dr. Joarder Kamruzzaman,
Office: 4N-232
Telephone: 9902 6665/5122665 (for international call add +613)
Fax: 9902 6879/5122 6879 (for international call add +613)
Email: Joarder.Kamruzzaman@infotech.monash.edu.au

Consultation hour: Thursday, 11:00am~1:00pm.

Notices

Notices related to the unit during the semester will be placed on the "Notices" Newsgroup in the unit website. Check this regularly. Failure to read the "Notices" newsgroup is not regarded as grounds for special consideration. The newgroups is at:

classes.it.gscit.gco4831.2006-sem2.notices

Consultation Times

Consultation hour: Thursday, 11:00am~1:00pm.

 

If direct communication with your unit adviser/lecturer or tutor outside of consultation periods is needed you may contact the lecturer and/or tutors at:

Dr Joarder Kamruzzaman
Senior Lecturer
Phone +61 3 990 26665

All email communication to you from your lecturer will occur through your Monash student email address. Please ensure that you read it regularly, or forward your email to your main address. Also check that your contact information registered with the University is up to date in My.Monash.

Last updated: Jul 31, 2006