[an error occurred while processing this directive] [an error occurred while processing this directive]
[an error occurred while processing this directive]
[an error occurred while processing this directive]

Dr Nandita Bhattacharjee
Lecturer
Phone: +61 3 990 53293
Fax: +61 3 990 55146

Contact hours: Monday: 2:30PM-3:30PM

Lecturer(s) / Leader(s):

Clayton

Dr Nandita Bhattacharjee
Lecturer
Phone: +61 3 990 53293
Fax: +61 3 990 55146

Introduction

Welcome to FIT4016, Information Security, for semester 2, 2009. This 6 point unit is an elective unit to all honours and postgraduate degree programs in the Faculty of IT. The unit has been designed to provide you with an understanding of  principles and practice of  security in a computerised information system. It explores many techniques and tools utilised to counteract the risks and threat to information security and its practical application to some examples.

Unit synopsis

This unit looks at a range of security problems in information systems, namely physical security, network security and software security. Within these areas, topics covered include risk analysis, authentification, access control, and crypto techniques. It looks at various management issues, including disparate application examples, distributed systems authentication, contingency planning, audit and review. A range of security applications are used as examples.

Learning outcomes

Upon completion of this unit students will:
  1. have knowledge of risks, threats and goals of information security;
  2. understand various controls and their effectiveness for information security in an organisation;
  3. be able to evaluate the effectiveness (both in terms of performance and limitations) of individual control techniques;
  4. match the risk against controls and evaluate their applicability.

Upon completion of this unit students will have developed attitudes that enable them to:
  1. appreciate the importance of information security in an organisation;
  2. appreciate the importance of the use of various controls and their effectiveness for information security in an organisation.

Upon completion of this unit students will be able to:
  1. carry out an investigation into the selection and deployment of particular security measure and application technologies based on risk analysis as applied to information security in an organisation;
  2. use tools for counteracting risks and threats to information security.

Upon completion of this unit students will have gained experience in:
  1. communicating information on threats to information security and key appropriate controls and counter measure techniques in written and/or oral form;
  2. working individually or in a small group on an advanced topic related to information security in an organisation.

Contact hours

4 x contact hrs/week

Workload

Student workload commitments per week are:
  • two-hour lecture and
  • two-hour tutorial (requiring advance preparation)
  • a minimum of 2-3 hours of personal study per one hour of contact time in order to satisfy the reading and assessment expectations.

Unit relationships

Prohibitions

CSE4892

Relationships

This level 4 unit is an elective unit in all the undergraduate honours degree programs and the Bachelor of Software Engineering program of the Faculty of IT. It may be taken as an elective in other programs where you have satisfied the prerequisite knowledge and course rules permit.You may not study this unit if you have completed CSE4892.

Teaching and learning method

This unit will be delivered via a 2 hours lecture followed by a 2 hours tutorial session  consisting of discussion class each week.  Lecturers may go through specific examples, give demonstrations and present slides that contain theoretical concepts in the lectures.  In the discussion classes students will be discussing in-depth fundamental and interesting problem solving exercises related to information security and present solutions in class. The discussion classes will complement the lectures and help  students consolidate concepts and practise problem solving skills.

Timetable information

For information on timetabling for on-campus classes please refer to MUTTS, http://mutts.monash.edu.au/MUTTS/

Tutorial allocation

On-campus students should register for tutorials/laboratories using the Allocate+ system: http://allocate.cc.monash.edu.au/

Unit Schedule

Week Topic Key dates
1 Introduction to information security  
2 Principles of encryption  
3 Cryptography I  
4 Cryptography II  
5 Key Escrow  
6 Authentication I - Example 1 assignment 1 due 28-08-09
7 Introduction to number theory  
8 Public Key Cryptography  
9 Integrity & Authenticity  
10 Biometric authentication- Example 2  
Mid semester break
11 Key Management  
12 Intrusion detection and software security- Management Issues assignment 2 due 16-10-09
13 Revision  

Unit Resources

Prescribed text(s) and readings

No book is prescribed as a text book for this unit. However three books are suggested as recommended texts. It is advisable to have at least one of those books. A number of copies of the recommended books are available at various Monash University libraries.

Recommended text(s) and readings

The list references:

  • Cryptography and Network Security : Principles and Practice – William Stallings, Fourth Edition, 2007, Prentice Hall.
  • Computer Security : Principles and Practice – William Stallings, 2008, Prentice Hall.
  •  Security Engineering: A Guide to Building Dependable Distributed Systems – Ross J Anderson, 2008, John Wiley & Sons, Inc

Study resources

Study resources we will provide for your study are:

  • Weekly lecture notes
  • Weekly discussion tasks to be undertaken during the tutorial sessions
  • Fortnightly quiz and its suggested solutions discussed in the tutorial class
  • Practise exam questions and solutions discussed in last tutorial class
  • This Unit Guide outlining the administrative information for the unit;
  • The unit web site on Blackboard, where resources outlined above will be made available.

Assessment

Overview

Assignment/Test: 40%
Examination (2 hours): 60%.

Faculty assessment policy

To pass a unit which includes an examination as part of the assessment a student must obtain:

  • 40% or more in the unit's examination, and
  • 40% or more in the unit's total non-examination assessment, and
  • an overall unit mark of 50% or more.

If a student does not achieve 40% or more in the unit examination or the unit non-examination total assessment, and the total mark for the unit is greater than 44% then a mark of no greater than 44-N will be recorded for the unit.

.

Assignment tasks

Assignment coversheets

Assignment coversheets are available via "Student Forms" on the Faculty website: http://www.infotech.monash.edu.au/resources/student/forms/
You MUST submit a completed coversheet with all assignments, ensuring that the plagiarism declaration section is signed.

Assignment submission and return procedures, and assessment criteria will be specified with each assignment.

  • Assignment task 1
    Title:
    Description:
    • 2 assignments/tests in week 6 and 12, will be conducted during the tutorial sessions on the topics covered in lectures.
    • Each assessment will have a weighting of 20%.
    Weighting:
    40%
    Due date:
    28/8, 16/10

Examination

  • Weighting: 60%
    Length: 2 hours
    Type (open/closed book): Closed book

See Appendix for End of semester special consideration / deferred exams process.

Due dates and extensions

Please make every effort to submit work by the due dates. It is your responsibility to structure your study program around assignment deadlines, family, work and other commitments. Factors such as normal work pressures, vacations, etc. are not regarded as appropriate reasons for granting extensions. Students are advised to NOT assume that granting of an extension is a matter of course.

Students requesting an extension for any assessment during semester (eg. Assignments, tests or presentations) are required to submit a Special Consideration application form (in-semester exam/assessment task), along with original copies of supporting documentation, directly to their lecturer within two working days before the assessment submission deadline. Lecturers will provide specific outcomes directly to students via email within 2 working days. The lecturer reserves the right to refuse late applications.

A copy of the email or other written communication of an extension must be attached to the assignment submission.

Refer to the Faculty Special consideration webpage or further details and to access application forms: http://www.infotech.monash.edu.au/resources/student/equity/special-consideration.html

Return dates

Students can expect assignments to be returned within two weeks of the submission date or after receipt, whichever is later.

Appendix

Please visit the following URL: http://www.infotech.monash.edu.au/units/appendix.html for further information about:

  • Continuous improvement
  • Unit evaluations
  • Communication, participation and feedback
  • Library access
  • Monash University Studies Online (MUSO)
  • Plagiarism, cheating and collusion
  • Register of counselling about plagiarism
  • Non-discriminatory language
  • Students with disability
  • End of semester special consideration / deferred exams
[an error occurred while processing this directive]