ICT379

Security Architectures and System

Administration

Unit Information Guide

2021

This information should be read in conjunction with the online learning materials
which can be found on your LMS page

Unit Coordinator:
Dr Hui Cui
Discipline of Information Technology, Media and
Communications, Murdoch University
Email: hui.cui @murdoch.edu.au
© Published by Murdoch University, Perth, Western Australia, 2021.

This publication is copyright. Except as permitted by the Copyright Act no part of it may in
any form or by any electronic, mechanical, photocopying, recording or any other means be
reproduced, stored in a retrieval system or be broadcast or transmitted without the prior
written permission of the publisher.
 CONTENTS

UNIT INFORMATION
ONE Introduction
TWO Contact details
THREE How to study this unit
FOUR Resources for the unit
FIVE Study schedules
SIX Assessment
 ONE
Introduction
Unit overview
This unit considers information technology security in detail from an architectural perspective.
That is, not only are the different layers, mechanisms and components that operate to provide a
secure computing environment reviewed in detail, but the groupings, similarities and
interrelationships between these are analysed. However, the unit also considers the limitations
of an architectural perspective of security and the reasons why security mechanisms and
primitives fail to constitute a well-designed architectural model.
Prerequisites
In order to enrol in this unit, you must have completed ICT287 Computer Security.
Learning outcomes for the unit
On completion of this unit you should be able to:
1. Understand the application of the security architecture to real-world
applications.
2. Understand access control principles and apply them to address security issues
in information systems.
3. Understand the role of authentication in security architectures, including its
applications, and design a secure authentication mechanism.
4. Understand basic cryptographic techniques and apply them to solve the issues
in practice.
5. Understand the security of networks from an architectural perspective.
6. Demonstrate how to install and manage the security of Windows server
systems and networks.
7. Analyse the architectural security of the application to identify underlying
weaknesses and suggests the mechanisms necessary to resolve these.

ICT379 Unit Information 1

Graduate attributes developed in the unit
This unit will contribute to the development of the following Graduate Attributes: (see
http://our.murdoch.edu.au/Educational-Development/Preparing-to-teach/Graduate- attributes/):
1. Communication - Reading skills, Writing skills, ICT skills
2. Critical and creative thinking - Critical thinking, Creative thinking, Problem
solving, Research skills
3. Social interaction – Collaboration
4. Independent and lifelong learning - Organisational and time management
skills, Independent study
5. In-depth knowledge of a field of study - Knowledge of a field of study,
Professional skills
Skills Framework for the Information Age (SFIA) skills developed in
the unit
SFIA SFIA SFIA Skill Code
Category Subcategory
Strategy and Information Information SCTY
Architecture Strategy Security
Service Service Security SCAD
Management Operation Administration
Strategy and Advice and Consultancy CNSL
Architecture Guidance
Strategy and Advice and Technical TECH
Architecture Guidance Specialism

What you need to know

Generic information which students need to know is available at the ‘What you need to know’
web page (see http://our.murdoch.edu.au/Educational-technologies/What-you- need-to-know/).
The information includes:
• links to the Assessment Policy
• a description of Academic Integrity
• links to information about: Examinations; Non-discriminatory language; Student
appeals; Student complaints; Conscientious objection and assessment policy
• determination of grades from components/marks
• information for equity students

ICT379 Unit Information 2

 TWO
Contact details
Unit coordinator
Your unit coordinator for ICT379 is Dr Hui Cui. She is a lecturer in the Discipline of
Information Technology.
Unit coordinator contact details
Dr Hui Cui
Office: B245. L1. R011
Email: hui.cui@murdoch.edu.au
Phone: 9360 7211
Tutor contact details
If you are enrolled internally you will meet your tutor at the first tutorial session. They will
provide you with their contact details.
If you are enrolled externally in a unit, you are assigned a tutor who will advise you on any
problems with the unit you may have and who will mark your assignments.
Administrative contact
Students can contact the School Office:
Room: SC 2.026 (Building 245)
Email: SEIT@murdoch.edu.au
Phone: 9360 6603
Technical help
For technical difficulties contact the IT Service Desk: ITservicedesk@murdoch.edu.au or
phone 9360 2000.
For difficulties with other online materials contact the Unit Coordinator.

ICT379 Unit Information 3

 THREE
How to study this unit
Topics covered
The unit material is divided into several topics, structured around conceptual linkages, rather
than arbitrary periods of time. Topics themselves contain subdivisions regarding these related
concepts. Collectively the unit considers the mechanisms that provide security at various layers
within system architectures. By the end of the unit, students should be able to see how these
architectural layers work together to provide the required security properties.
The following topics will be covered:
• Introduction.
• Authentication, Authorization and Access control.
• Cryptography.
• Encryption, Digital signature, Hash functions.
• Network security.
• Firewalls, IPS and IDS, Kerberos, SSL, IPSec.
• Cloud security.
Learning activities – internal students
The lectures will mostly focus on the theoretical concepts required for an understanding of
security architectures. The systems administration skills that complement this understanding are
featured in the tutorial sessions. As the unit aims to teach a range of practical, real-world skills,
students will be required to keep up to date with weekly unit tasks or discussions, as well as
industry trends and cases. Attendance at classes is strongly encouraged.
Learning activities – external students
External students will have access to lecture material and recordings via the LMS. They will be
assigned an external tutor and undertake the same tutorial activities as internal students, where
possible, supported by the LMS.
There are readings for each topic and you are expected to have obtained and read them in time
to be able to contribute to any online discussion of the weekly topic, and to seek clarification
from your tutor as needed. As with other external units, you will be assigned a tutor who will
advise you on any problems with the unit you may have and who will mark your assignments.
Your tutor is there to help you. You should have no hesitation in contacting your tutor if you
have any questions about the content of the unit.
You are encouraged to attend any lectures that you can. If you are not able to attend lectures
but can regularly attend a tutorial it is recommended that you enrol as an internal student.
If you wish to discuss this option, please contact your unit coordinator.
Time commitment
As this is a 3-credit point unit, there is an expectation that over the course of the teaching period
you will spend somewhere in the region of 150 hours working on this unit. This will generally
equate to somewhere around 10 hours per week inclusive of class time.
If you are unable to attend classes, it is essential that you keep up to date with the material.
Unit changes in response to student feedback
Student feedback about ICT379 is welcomed. If you wish to provide feedback, please do so at
any time. In addition, you will be provided with a formal opportunity to do so in the unit survey
towards the end of semester.
ICT379 Unit Information 4
 FOUR
Resources for the unit
Unit materials
Essential
textbook No recommendation for textbooks.

Online
resources
The Online Unit (i.e. the ICT379 LMS site) can be accessed from your
MyMurdoch page.

Copies of the unit materials will be made available on a week-by-week

basis from the ICT379 LMS site.

Other
references In addition to the readings from the textbook, there may be additional
readings for some topics. These will either be given out in class, freely
available on the Internet or available from the Library’s electronic reserve
(eReserve):
http://prospero.murdoch.edu.au/search~S1/

You may also make use of the library’s databases to find journal articles
and conference papers:
http://library.murdoch.edu.au/Find-information/Databases/

Computing
resources The University uses software called Urkund which checks for plagiarism.
Be aware that any work submitted electronically may be manually or
automatically submitted to Urkund. Further, please note note that when
you or your Unit Coordinator submit assignments electronically, a copy of
your work is retained on the database to check collusion and future
plagiarism. The University has a legal agreement with Urkund that it will
not share or reproduce student work in any form.

ICT379 Unit Information 5

 FIVE
Study schedules
This timetable will help you to plan your study over the semester. However, it is only a rough
guide to our coverage of the unit material.
Topic Title

1 Introduction
2 Authentication, Authorization and Access Control.

3 Cryptography.

4 Network security.

5 Cloud security.

6 Unit Review

Topic Online Documentation

Online documentations on the following topics are suggested being reviewed prior to the
commencement of the laboratory exercises.
• Active Directory
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-
dc/active-directory-domain-services-overview
• Group Policy
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-
2012-R2-and-2012/hh831791%28v%3dws.11%29
• Windows Access Control
https://msdn.microsoft.com/en-us/library/windows/desktop/aa374876(v=vs.85).aspx

ICT379 Unit Information 6

 SIX
Assessment
Assessment components
Assessment for this unit is conducted in accordance with the Assessment Policy. You will be
assessed on the basis of the following:
Assessment Value Approx. Due Date*
Quiz 10% One week after each lecture

Lab Assessment 15% Refer to LMS

Assignment 25% Refer to LMS

Middle Session Test 10% Refer to LMS

Final Examination 40% Assessment period

* Check the LMS for definitive due dates.

Assessment details
Quiz
There will be a set of quiz questions based on the lectures and session readings. These are
presented on the LMS. Please pay attention to the quiz dates as there are no extensions on
quizzes allowed.
Lab Assessment
This assessment is a task made up of assessable work compiled during the lab sessions. You
will be given a series of questions relating to the technical tasks completed during lab sessions.
You will need to compile the answers to these questions, along with relevant screenshots, as
you complete the labs. The parts of labs that need to be submitted are indicated with an orange
arrow. Labs 1 and 2 are not assessable. Labs 3 to 5 are due in week 6. Labs 6 to 8 are due in
week 10. Labs 9 to 10 are due in week 14.
Assignment
This assignment will require students to analyse a security scenario from an architectural
perspective in two parts. The first part will involve the discussion of security mechanisms within
the Windows system. The second part will require students to analyse the scenario and describe
an appropriate security architecture that is able to provide security. The first part of this
assignment will require students to read and summarize existing documentations. The second
part of this assignment will require students to conduct some independent research and think
creatively. Further details concerning this assessment will be provided during the unit.

ICT379 Unit Information 7

 Middle Session Test
There will be written examination during the middle of the unit. It will be given in the middle
of the semester. The test will focus on the contents of topics: Authentication, Authorization and
Access Control, Classical Encryption.
Final Examination
There will be written examination at the end of the unit. It will be online and of two-hour
duration. This assessment will address the unit learning outcomes.
Students may inspect their marked examination scripts and discuss the marking with the Unit
Coordinator within 14 days of the posting of results.
Assignment submission
Unless otherwise specified, assessments are to be submitted electronically via the
ICT379 LMS site using the Assignment course tool. So, your work does not get mixed
up with that of others make sure that each piece of assessment includes your name.

It is your responsibility to keep a copy of any work handed in for assessment

purposes. It is recommended that you keep both a hard copy and an electronic copy.

Assessments that are not received by the due date will be regarded as late unless an
extension has been granted by the unit coordinator. Applications for extensions should
be made as soon as a problem is experienced. Late submissions will be penalised at a
rate of 10 percent of the total marks available for the assignment per day (or part thereof).
Assignments submitted more than five (5) days after the due date will not normally be
accepted without an extension or strong justification. No submission will be accepted
more than two weeks after the due date, or after assignment returns have begun,
whichever is earlier.

Determination of the final grade

To pass the unit, you must:
• Have an aggregate score for the combined assessment of 50% or better
• Submit all pieces of assessment and sit the final examination

See Section 10 of the Assessment Policy regarding grades:

http://www.murdoch.edu.au/index/policies/index?Filter=assessment)

See also http://our.murdoch.edu.au/Educational-technologies/What-you-need-to-know/

ICT379 Unit Information 8