This document provides information on the IS251: Information Systems Security course. The course aims to develop understanding of information security concepts, cryptography, and network security. It is a core course worth 8 credits requiring 80 hours of study. The course learning outcomes include describing security concepts, explaining encryption systems, designing authentication applications, and applying security and cryptographic concepts. Course content covers security threats, policies, cryptography, access control, authentication, and emerging trends. Assessment is based on assignments, independent study, and a final exam.
i. Develop an understanding of the role of procedures, policies, standards and guidelines in information systems security.
ii. Develop an understanding of the fundamentals of cryptography, cryptographic techniques and network security.
iii. Enable students to categorize threats and classify security strategies based on system security principles.
Course status: Core
Credit rating: 8 credits
Total hours spent: 80 hours
Course Expected Learning Outcomes
By the end of the course, students should be able to:
i. Describe basic information security concepts and defense methods.
ii. Explain Symmetric and Asymmetric Encryption crypto systems.
iii. Design Authentication Applications.
iv. Apply network and information security concepts and cryptographic algorithms.
Course Contents
Introduction to Security Concepts: goals, security threats, attacks, vulnerabilities, risks and countermeasures, Information security management taxonomy, policy formation & ethical and legal issues.
Malicious software and network security: Viruses, Trojans, Spyware, Backdoors, Trapdoors and Rootkits; Intrusion detection and prevention mechanisms, firewall taxonomy, wireless network security.
Cryptography: History and Overview of Cryptography, Encryption basics, symmetric encryption algorithms: block ciphers and stream ciphers, asymmetric encryption and Public Key Infrastructure. Secure One-Way Hash Function and Message Authentication Codes (MD4, MD5, SHA-1, SHA-2, MAC and keyed-MAC).
Access Control: Key Certificates and Digital Signatures. E-mail, Web and E-Commerce security (PGP, PKI and SSL). Access Control mechanisms, Access Control Lists, Capability Lists, Operating Systems Access Control, Security of Linux and Windows File Systems and personnel and physical security.
Authentication: Authentication mechanisms and technologies for authentication, Challenge-response systems, Smartcards, Security Tokens, Biometry and Kerberos.
Emerging Trends in IT Security: Cyber-security, Trusted Computing, Quantum Cryptography, cloud computing security, privacy and data theft issues, Designing secure systems.
Teaching and learning activities: Lectures 30 hours, seminars 15 hours, assignments 15 hours and independent study 20 hours.
Assessment methods: Continuous assessment will comprise 30 marks and Final Examination 70 marks.
Reading List:
1. William Stallings (2010). Cryptography and Network Security: Principles and Practice, 5th Edition. USA: Prentice Hall.
2. Ross J. Anderson (2008). Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley.
3. Larry Ullman (2013). Effortless E-Commerce with PHP and MySQL, 2nd Edition (Voices That Matter). USA: Pearson Education.
4. Gurpreet Dillon (2007). Principles of Information Systems Security: Text and Cases, 1st Edition. Wiley.
5. Mark Stamp (2005). Information Security: Principles and Practice. Wiley.