Professional Documents
Culture Documents
Systems Security-BIC3263 - Course Outline
Systems Security-BIC3263 - Course Outline
Semester: 02
From February 2015 to June 2015
:
:
:
:
:
:
:
:
:
:
Lesotho
Faculty of Information and Communication Technology
B.Sc (Hons) in information Technology
2
3
Minor/Core
3 hours (2 hours lecture + 1 hour tutorial)
12 teaching weeks + 1 Final examination week + 1 week Midterm Break
Lecture + Tutorial
Mr. M. Borotho
Signature
Essential Information
Grades
Plagiarism
Course Introduction
Learning Outcome
References
Assessment Schedule
Assessment Criteria
Specific Criteria
Other documents as follows will be issued to you on an ongoing basis throughout the semester:
1
R 01 - 06121 2
Date
1.0
2.0
ESSENTIAL INFORMATION
As an indicator of workload one credit carries and additional 2 hours of self study per week. For
example, a course worth 3 credits require that the student spends an additional 6 hours per
week, either reading, completing the assignment or doing self directed research for that course.
Submission of ALL assignment work is compulsory in this course. A student cannot pass this
course without having to submit major assignment work and sit for the final examination by the
due date or an approved extension of that date. Failure to submit a major assignment and sit
for the final examination results to DNC.
All assignments are to be handed on time on the due date. Students will be penalised 10
percent for the first day and 5 percent per day thereafter for late submission (a weekend or a
public holiday counts as one day). Late submission, after the date Board of Studies meeting
will not be accepted.
Due dates, compulsory assignment requirements and submission requirements may only be
altered with the consent of the majority of students enrolled in this course at the beginning/early
in the program.
Extensions of time for submission of assignment work may be granted if the application for
extension is accompanied by a medical certificate.
Overseas travel is not an acceptable reason for seeking a change in the examination schedule.
Only the Head of School can grant approval for extension of submission beyond the
assignment deadline.
Supplementary exams can only be granted if the level of work is satisfactory AND the semester
work has been completed.
IEEE referencing and plagiarism policy will apply on all written assignments.
Absenteeism at any scheduled presentations will result in zero mark for that presentation.
Visual presentation work in drawn and model form must be the original work of the student.
2
R01 061212
3.0
4.0
These rules and regulations are to be read in conjunction with the UNIT AIMS AND
OBJECTIVES
All assignments/projects must be completed and presented for marking by the due date.
All assignments must be delivered by the student in person to the lecturer concerned. No other
lecturer is allowed to accept students assignments.
Any scheduling of tutorials, both during or after lecture hours, is TOTALLY the responsibility of
each student. Appointments are to be proposed, arranged, confirmed, and kept, by each
student. Failure to do so in a professional manner may result in penalty of grades. Tutorials
WITHOUT appointments will also NOT be entertained.
Note that every assignment is given an ample time frame for completion. This, together with
advanced information pertaining deadlines gives you NO EXCUSE not to submit assignments
on time.
GRADES
All courses and assessable projects will be graded according to the following system. With respect
to those units that are designated 'Approved for Pass/Fail' the grade will be either PA or F:
Grade
Numeric Grade
90 100
A+
85 89
80 84
A-
75 79
B+
74 70
65 69
B-
60 64
C+
55 59
50 54
C-, PX, PC
0 49
Description
Pass
Fail
3
R01 061212
5.0
EXP
Exempted
PC
Pass Conceded
PP
PX
Deferred
Withdraw
DNA
DNC
6.0
COURSE INTRODUCTION
This class will provide students an overview of systems security, its workings and its role in
protecting data and computing resources. The course begins with a discussion of the
fundamental problem and tools in protecting a computing systems and proceeds through the
various security services that apply to these systems.
7.0
8.0
LEARNING OUTCOME
Upon completion of the course, student will be able to identify and understand the following:
Discuss the technical, business, societal and ethical aspects of problems in computer security.
Describe and assess a broad range of security systems deployed or suggested for solving
those problems.
4
R01 061212
9.0
Components of M-Commerce.
1. [16/02/2015-20/02/2015]
LECTURE 1:
SECURITY PROBLEM
Lecture Synopsis:
Handout:
Week:
2. [23/02/2015-27/02/215]
LECTURE 2:
CRYPTOGRAPHY-AN OVERVIEW
Lecture Synopsis:
Overview
Secret key cryptography
Public key cryptography
Hashes and message digests
Steganography
Handout:
Week:
LECTURE 3-4:
CRYPTOGRAPHY-KEY MANAGEMENT
Lecture Synopsis:
Diffie-Hellman Key Exchange
Ties to Authentication Protocols
Public-key Key Exchange (PGP, X.500,S/MIME)
Peer-to-peer
Group Key Management
Handout:
Week:
5 [16/03/2015-20/03/2015]
LECTURE 5:
Lecture Synopsis:
Password-based authentication
5
R01 061212
Unix vs Windows
Kerberos
X.500
Hardware Authentication
Biometrics
Handout:
Week:
6 [23/03/2015/ - 27/03/2015]
LECTURE 6:
Lecture Synopsis:
Viruses
Worms
Spyware
Denial of Service Attacks
Transmission Vectors. e.g Spam
Handout:
Week:
7 [30/03/2015-03/04/2015]
MIDTERM EXAMINATIONS
Week:
8 [06/04/2015- 10/04/2015]
SEMESTER BREAK
Week:
9 [13/04/2015-17/04/2015]
LECTURE 9:
COUNTERMEASURES
Lecture Synopsis:
Firewalls
Virus Checkers
Patch and Configuration Management
Handout:
Week:
10 [20/04/2015-24/04/2015]
LECTURE 10:
Lecture Synopsis:
Commercial Intrusion Detection Systems
Research Intrusion Detection Systems
Handout:
Week:
11 [27/04/2015-01/05/2015]
LECTURE 11:
Lecture Synopsis:
Social Engineering
Phishing
6
R01 061212
Character Sets
Complexity of proper security deployment
Configuration Issues
Passwords
Handout:
Week:
12 [04/05/2015-08/05/2015]
LECTURE 12:
TRUSTED COMPUTING
Lecture Synopsis:
The Public Perception of Trusted Computing
The Hardware Basis for Trusted Computing
The Software and OS Basis for Trusted Computing
Virtualization
Negotiating Trust and Obligation
Case Studies
Privacy
Handout:
Week:
13 [11/05/2015 15/05/2015]
LECTURE 13:
CYBER-PHYSICAL SYSTEMS
Lecture Synopsis:
Requirements for Security
Need for Performance Isolation
Security for Cloud Computing
Handout:
Chapter 13 PowerPoint handouts
____________________________________________________________________________
Week:
14 [18/04/2015 22/05/2015]
REVISION WEEK
Week:
15
Week:
16
11.0 REFERENCES
1. Bishop Matt, Computer Security: Art and Science, 2003, Addison-Wesley Professional.
7
R01 061212
2. Pfleeger Charles P., Pfleeger Shari Lawrence, Security in Computing, 2015 5th edition, Prentice
Hall.
3. Schneier Bruce, Applied Cryptography,1996, John Wiley & Sons
4. Stallings William, Network Security and Cryptography 5th edition, 2010, Pearson.
8
R01 061212
ISSUE
DUE
DESCRIPTION
FOUR LABORATORY
DATE
WEEK 3
DATE
WEEK3
%
5%
EXPERIMENTS
CLASS TEST
GROUP ASSIGNMENT
MID TERM EXAMINATION
FINAL EXAM
WEEK 4
WEEK 6
WEEK 7
WEEK 15
WEEK 4
WEEK10
WEEK 7
WEEK 16
10%
25%
30%
35%
TOTAL
100%
Each assignment will be handed out with the project brief and will vary, depending on the
teaching and learning objectives of the specific assignment.
Each student will receive a completed assessment sheet back with their marks, thereby giving
student feedback on each set criterion and the project as a whole.
9
R01 061212