INTRODUCTION TO INFORMATION SECURITY
2018/2019, Semester 1
School of Computing (Computer Science)
Modular Credits: 4
This module serves as an introductory module on information security. It illustrates the fundamentals of how systems fail due to malicious activities and how they can be protected. The module also places emphasis on the practices of secure programming and implementation. Topics covered include classical/historical ciphers, introduction to modern ciphers and cryptosystems, ethical, legal and organisational aspects, classic examples of direct attacks on computer systems such as input validation vulnerability, examples of other forms of attack such as social engineering/phishing attacks, and the practice of secure programming.
After completing this module, students should be able to:
1. Explain the C-I-A security requirements and recognize their breaches in recent security incident news.
2. Describe key concepts and basic mechanisms of principal protection mechanisms in information security, such as encryption, authentication, and access control.
3. Identify the limitations of classical cryptographic schemes, and recognize well-known attacks on vulnerable hosts, networks, and Web servers.
4. Utilize some basic security tools (e.g. OpenSSL, Wireshark) and security-related Linux commands to perform encryption, network traffic analysis, and file access control.
5. Pinpoint flaws in programs due to common insecure programming practices, and suggest improvements using more secure practices instead.
CS1010 or its equivalence
Lectures and tutorials
Continual Assessment (50%) and open-book final exam (50%)
Workload Components : A-B-C-D-E
A: no. of lecture hours per week
B: no. of tutorial hours per week
C: no. of lab hours per week
D: no. of hours for projects, assignments, fieldwork etc per week
E: no. of hours for preparatory work by a student per week