[an error occurred while processing this directive] [an error occurred while processing this directive]
[an error occurred while processing this directive]
[an error occurred while processing this directive]
Monash University

FIT2078 Introduction to security - Semester 2, 2011

This unit will provide students with a knowledge of information systems security issues, and their relevance to the management of information systems in contemporary organisations. The students will gain knowledge of the nature of information threats, risks and vulnerabilities and of the control technologies and techniques which can be applied to reduce risk. Students will be expected to demonstrate ethically sound viewpoints with respect to the protection of information resources while maintaining a secure IS framework related to a defence in depth strategy. Further students will have an understanding of the ethical, legal and criminal issues relating to the security of information systems. Additionally students will be required to analyse and assess recent developments and future trends in IS security technologies.

Mode of Delivery

Caulfield (Day)

Contact Hours

2 hrs lectures/wk, 2 hrs tutorials/wk

Workload

Students will be expected to spend a total of 12 hours per week during semester on this unit.

This will include:

  • Lectures: 2 hours per week
  • Tutorials/Lab Sessions: 2 hours per week per tutorial
  • and up to an additional 8 hours in some weeks for completing private study, revision and assessment requirements.

Unit Relationships

Prohibitions

FIT1019

Prerequisites

FIT1001 or FIT1031

Chief Examiner

Campus Lecturer

Caulfield

Nandita Bhattacharjee

Contact hours: Alternate Tuesdays 3:00PM-5:00PM

Clayton

Nandita Bhattacharjee

Contact hours: Alternate Tuesdays 3:00PM-5:00PM

Tutors

Caulfield

Parman Sukarno

Clayton

Parman Sukarno

Academic Overview

Learning Objectives

At the completion of this unit students will have

A knowledge and understanding of:

  • the importance of information systems security issues to contemporary organisations;
  • information security concepts and philosophies;
  • threats, vulnerabilities and risks to an organisations information assets and the control technologies and techniques required to support this;
  • the mathematical foundation of cryptoanalysis;
  • the ethical, legal and criminal issues relating to the security of information systems;
  • how to evaluate current and future developments and trends in security control technologies and techniques;
  • the relevance of human factors to information security planning and management.

Developed attitudes that enable them to:
  • adopt a critical approach to the analysis and design of information systems security systems;
  • willingness to apply ethical standards of security issues;
  • demonstrate ethically sound viewpoints with respect to the protection of information resources while maintaining a secure IS framework; specifically related to (but not limited to) the goals of security such as confidentiality, integrity, and availability, in the professional development of information systems;
  • cooperate within groups and adopt and practise professional ethics that influence work behaviour.

Developed the skills to:
  • apply information security concepts in the analysis of information systems security issues;
  • apply risk management techniques to the planning and management of information systems security systems;
  • apply security analysis and design methods and techniques in the analysis of threats, risk and vulnerabilities to an information system;
  • apply the security concept in securing information systems by exploring the security mechanism available in the operating systems environment.

Demonstrated the communication skills necessary to:
  • work in teams to complete some of the assessment and thus develop appropriate interpersonal communication and leadership skills.

Graduate Attributes

Monash prepares its graduates to be:
  1. responsible and effective global citizens who:
    1. engage in an internationalised world
    2. exhibit cross-cultural competence
    3. demonstrate ethical values
  2. critical and creative scholars who:
    1. produce innovative solutions to problems
    2. apply research skills to a range of challenges
    3. communicate perceptively and effectively

Assessment Summary

Examination (3 hours): 60%; In-semester assessment: 40%

Assessment Task Value Due Date
Tutorial Quizzes 1-5 20% (4% for each quiz) in Weeks 3, 5, 7, 9 and 12
Mid-semester Test 20% Week 10 in the lecture.
Examination 1 60% To be advised

Teaching Approach

Lecture and tutorials or problem classes
This teaching and learning approach provides facilitated learning, practical exploration and peer learning.

The lectures will cover the theoretical concepts of security. The tutorial/discussion classes will be used to explore the principles, available tools and operating system platforms. The exploration aims to demonstrate and illustrate the concepts provided in the lectures.

Feedback

Our feedback to You

Types of feedback you can expect to receive in this unit are:
  • Informal feedback on progress in labs/tutes
  • Test results and feedback
  • Quiz results
  • Solutions to tutes, labs and assignments
  • Other: Individual student meetings

Your feedback to Us

Monash is committed to excellence in education and regularly seeks feedback from students, employers and staff. One of the key formal ways students have to provide feedback is through SETU, Student Evaluation of Teacher and Unit. The University's student evaluation policy requires that every unit is evaluated each year. Students are strongly encouraged to complete the surveys. The feedback is anonymous and provides the Faculty with evidence of aspects that students are satisfied and areas for improvement.

For more information on Monash's educational strategy, and on student evaluations, see:
http://www.monash.edu.au/about/monash-directions/directions.html
http://www.policy.monash.edu/policy-bank/academic/education/quality/student-evaluation-policy.html

Previous Student Evaluations of this unit

If you wish to view how previous students rated this unit, please go to
https://emuapps.monash.edu.au/unitevaluations/index.jsp

Required Resources

Prescribed text book:

Computer Security: Principles and Practice - William Stallings  & Lawrence Brown, Prentice Hall, 2008

Unit Schedule

Week Activities Assessment
0   No formal assessment or activities are undertaken in week 0
1 Introduction  
2 IT risk management  
3 Authentication Discussion class. Quiz 1 during tutorial session
4 Access control  
5 Introduction to number theory Discussion class. Quiz 2 during tutorial session
6 Cryptography I  
7 Cryptography II Discussion class. Quiz 3 during tutorial session
8 Public key cryptography  
9 Digital signature Discussion class. Quiz 4 during tutorial session
10 Database security Mid-semester Test during the lecture
11 Integrity management  
12 Ethics & Privacy Discussion class. Quiz 5 during tutorial session
  SWOT VAC No formal assessment is undertaken SWOT VAC
  Examination period LINK to Assessment Policy: http://policy.monash.edu.au/policy-bank/
academic/education/assessment/
assessment-in-coursework-policy.html

*Unit Schedule details will be maintained and communicated to you via your MUSO (Blackboard or Moodle) learning system.

Assessment Requirements

Assessment Policy

To pass a unit which includes an examination as part of the assessment a student must obtain:

  • 40% or more in the unit's examination, and
  • 40% or more in the unit's total non-examination assessment, and
  • an overall unit mark of 50% or more.

If a student does not achieve 40% or more in the unit examination or the unit non-examination total assessment, and the total mark for the unit is greater than 50% then a mark of no greater than 49-N will be recorded for the unit

Assessment Tasks

Participation

  • Assessment task 1
    Title:
    Tutorial Quizzes 1-5
    Description:
    Principles and application based on previous weeks topics.
    Weighting:
    20% (4% for each quiz)
    Criteria for assessment:
    • understanding of the appropriate security principles and
    • its applications to specific situations.
    Due date:
    in Weeks 3, 5, 7, 9 and 12
  • Assessment task 2
    Title:
    Mid-semester Test
    Description:
    Mid-semester test. Multiple choice questions on the materials covered up to week 8.
    Weighting:
    20%
    Criteria for assessment:

    Demonstrate a mastery of the topics covered up to week 8

    Due date:
    Week 10 in the lecture.

Examinations

  • Examination 1
    Weighting:
    60%
    Length:
    2 hours
    Type (open/closed book):
    Closed book
    Electronic devices allowed in the exam:
    None

Assignment submission

It is a University requirement (http://www.policy.monash.edu/policy-bank/academic/education/conduct/plagiarism-procedures.html) for students to submit an assignment coversheet for each assessment item. Faculty Assignment coversheets can be found at http://www.infotech.monash.edu.au/resources/student/forms/. Please check with your Lecturer on the submission method for your assignment coversheet (e.g. attach a file to the online assignment submission, hand-in a hard copy, or use an online quiz).

Extensions and penalties

Returning assignments

Other Information

Policies

Student services

The University provides many different kinds of support services for you. Contact your tutor if you need advice and see the range of services available at www.monash.edu.au/students The Monash University Library provides a range of services and resources that enable you to save time and be more effective in your learning and research. Go to http://www.lib.monash.edu.au or the library tab in my.monash portal for more information. Students who have a disability or medical condition are welcome to contact the Disability Liaison Unit to discuss academic support services. Disability Liaison Officers (DLOs) visit all Victorian campuses on a regular basis

READING LIST

  1. Goodrich M and Tamassia R, Introduction to Computer Security, Addison-Wesley, 2011  
  2. Jill Slay and Andy Koronios, Information Technology Security & Risk Managament, 3rd edition, Wiley.
  3. Gollmann, D. (2010), Computer Security, Wiley, UK
[an error occurred while processing this directive]