Lecture Outline - ICICS

shoulderslyricalAI and Robotics

Nov 21, 2013 (3 years and 9 months ago)

110 views


1

CICS 518

Computer

and

Information

S
ystem

Security
(2013
)


Instructor
:




Dr. Ardeshir Bagheri






bagheri
@mss.icics.ubc.ca

Teachin
g Assistant
:

Iliya
Koreshev

Cary Wong



Course Description
:


This course covers the technical, operational, and managerial
issues of computer system security in an operational environment.
The course will address threats to computer security including
schemes for breaking security, and techniques for detecting and
preventing security violations. Emphasis will be on instituting

safeguards, examining different types of security systems, and
applying appropriate level of security for the perceived risk.


Lecture Outline
:


1.


Security Fundamentals

2.


Cryptographic Tools

3.


Software Security issues

Buffer Overflow

Malicious Softw
are

4.


Operating System Security


2

Linux, Windows and Windows 7

Security

5.


Database Security

6.


Intrusion Detection

7.


Denial of Service

8.


Network Security

9.


Firewalls and Intrusion Prevention Systems

10.

Internet

Security

Protocols and Standards

11.

Intern
et Authentication Applications

12.

Legal and Ethical Issues in Computer Security


Learning Outcomes
:


The main objectives of this course are to:




Explain the standard methods for securing computer
applications and computer systems




Provide an awareness of the
risks and threats to
computer operations and communications




Provide an overview of different types of security
techniques




Address issues and challenges associated with
implementing the appropriate level of security to
meet the needs of organizations


Stu
dent
s who successfully complete the

course will be able to:



Recognize the basic risks and threats to computer
operations and communications




Recognize the fundamental cryptography techniques



3



Gain understanding concerning the safeguards and
security servic
es which can be

implemented in an
information technology environment




Recognize the various types of security solutions,
their advantages and disadvantages




Understand how to apply different types of security
techniques to the different levels of OSI model

within an information technology solution in order to
achieve a total security solution


Textbooks and References
:


The following books are
required
:



Pfleeger and Pfleeger.
Security in Computing
,
4
th

Edition, Prentice Hall.



Nestler, Conklin, White
.
Princi
pal of

Computer
Security
,

Lab Manual
,
2
nd

Edition,
McGrawHill.



Andrews,
Whittaker
.
How to Break
Web
Software
,
Addison
-
Wesley.


References
:




William Stallings
. Network Security Essentials, 4
th

Edition, Prentice Hall.



William Stallings
, Lawrie Brown
.
Compute
r
Securit
y: Principles and Practices, 2
nd

Edition,
Prentice Hall.



Robert Seacord, The CERT C Secure Coding
Standard
, Addison Wesley.



Michael Howard, Steve Lipner. Writing Secure
Code, Microsoft Press


4



Garfinkel, Spafford, Schwartz. Practical UNIX &
Internet

Security, 3
rd

Edition, O’Reilley.



Chapman, Zwicky. Building Internet Firewalls,
O’Reilly.



Ferguson, Schneier. Practical Cryptography, Wiley.



Anonymous. Maximum Security, 4
th

edition, SAMS



Michael Gregg. Hack the Stack, Syngress.



Gordon “Fydor” Lyon, NMAP
Network Scanning,
Insecure.Com LLC




Course Project
:




Students are required to do a
term
project that examines a
current problem in information system security.


Mark Breakdown
:


Project:


10
%

to 15
%

Assignments:

15%

to 20%

Labs

:


15
%

to 20%

Participatio
n:

5%

Final Exam:

45
%

to 50%


Note
:




Every student

is required to hand in his/her b
est attempt at
every assignment and lab in order to pass the course.



If you are late for a lecture, please do
not

disturb the
class;
wait until the break to join the cl
ass.





5



Cheating and Plagiarism
:

(zero tolerance)


o

Incidence of cheating or plagiarism will not be tolerated
in any case.

o

Students caught cheating or plagiarizing on
assignments, labs, or exams will receive a
failing grade
in the course

and will be reporte
d to registrar’s office.

o

If you are unsure as to what constitutes cheating or

plagiarism, consult

the

“Code of Academic Conduct” of

UBC and

the Student Handbook.


In order to pass the course, you must meet the following
conditions:




All

labs,

assignments
,
and the term project

must be
completed

and handed in
.



No marks would be given for
late

assignments and

lab
reports
.



Attendance in all classes and labs except in
documented

cases of illness
.