This unit looks at a range of security problems in information systems, namely physical security, network security and software security. Within these areas, topics covered include risk analysis, authentification, access control, and crypto techniques. It looks at various management issues, including disparate application examples, distributed systems authentication, contingency planning, audit and review. A range of security applications are used as examples.
Objectives
Upon completion students will
Have knowledge of risks, threats and goals of information security
Understand various controls and their effectiveness for information security in an organisation
be able to evaluate the effectiveness (both in terms of performance and limitations) of individual control techniques
be able to match the risk against controls and evaluate their applicability
be able to carry out an investigation into the selection and deployment of particular security measure and application technologies based on risk analysis as applied to information security in an organisation.
be able to use tools for counteracting risks and threats to information security.
Prerequisites
There are no prerequisite units specified for this unit. Basic pre-requisite knowledge of data comunications is assumed.
Unit relationships
CSE4892 is a specified elective unit in the Master of Digital Communications (MDC) and Master of Computer Science, Bachelor of Computer Science (Honours), Bachelor of Digital Systems (Honours) and Bachelor of Software Engineering degrees. It maybe taken by other coursework masters and honours students with the required prerequisite knowledge.
Texts and software
Required text(s)
No prescribed text. Only recommended text for this unit.
Textbook availability
Text books are available from the Monash University Book Shops. Availability from other suppliers cannot be assured. The Bookshop orders texts in specifically for this unit. You are advised to purchase your text book early.
Software requirements
Standard PC laboratory environment (with Windows XP and Linux partitions) with facility to install removable hard disks required. Students should be able to install and configure the operating system and adminster the system, hence root access is required.
Hardware requirements
Students studying off-campus are required to have the minimum system configuration specified by the Faculty as a condition of accepting admission, and regular Internet access. On-campus students, and those studying at supported study locations may use the facilities available in the computing labs. Information about computer use for students is available from the ITS Student Resource Guide in the Monash University Handbook. You will need to allocate up to 2 hours per week for use of a computer. In addition, you will need to allocate up to 6 hours of private study for this unit.
Recommended reading
Cryptography and Network Security: Principles and Practice. William Stallings, Fourth Edition, 2005, Prentice Hall, ISBN: 0-13-202322-9.
Security Engineering: A guide to building dependable distributed systems. Ross J. Anderson, 2001, John Wiley & Sons, Inc.
Practical Unix and Internet Security. Simon Garfinkel and Gene Spafford, O'Reilly & Associates.
Library access
You may need to access the Monash library either personally to be able to satisfactorily complete the subject. Be sure to obtain a copy of the Library Guide, and if necessary, the instructions for remote access from the library website.
Study resources
Study resources for CSE4892 are:
The CSE4892 courseware web site where lecture slides, tutorial problem sheets, assignment specifications and supplementary material will be posted.
The timetable for on-campus classes for this unit can be viewed in Allocate+
Assessment
Assessment weighting
Assessment for the unit consists of an assignment and the first assessment has a weighting of 20% each and assessment 2 has a weighting of 60%. Read this section VERY carefully.
Assessment Policy
To pass this unit you must:
You need to get a minimum of 40% in each assessment components and a minimum overall of 50% to pass this unit.
Your score for the unit will be calculated by:
Assignment *0.2 + Assessment no 1 * 0.20 + Assessment No 2 *0.60
Assessment Requirements
Assessment
Due Date
Weighting
Assessment 1
21/9/2006
20%
Assignment
5/10/2006
20 %
Assessment 2
12/10/2006
60 %
There is no examination for this unit
Exam period (S2/06) starts on 23/10/06
0 %
Assignment specifications will be made available At the unit's web page.
Assignment Submission
Assignments will be submitted by paper in the assignment box on the due date.
Extensions and late submissions
Late submission of assignments
Assignments after the due date will not be accepted unless written evidence is provided for special consideration for extension.
This policy is strict because comments or guidance will be given on assignments as they are returned, and sample solutions may also be published and distributed, after assignment marking or with the returned assignment.
Extensions
It is your responsibility to structure your study program around assignment deadlines, family, work and other commitments. Factors such as normal work pressures, vacations, etc. are seldom regarded as appropriate reasons for granting extensions.
Assignments after the due date will not be accepted unless written evidence is provided for special consideration for extension.
Grading of assessment
Assignments, and the unit, will be marked and allocated a grade according to the following scale:
Grade
Percentage/description
HD High Distinction -
very high levels of achievement, demonstrated knowledge and understanding, skills in application and high standards of work encompassing all aspects of the tasks.
In the 80+% range of marks for the assignment.
D Distinction -
high levels of achievement, but not of the same standards. May have a weakness in one particular aspect, or overall standards may not be quite as high.
In the 70-79% range.
C Credit -
sound pass displaying good knowledge or application skills, but some weaknesses in the quality, range or demonstration of understanding.
In the 60-69% range.
P Pass
acceptable standard, showing an adequate basic knowledge, understanding or skills, but with definite limitations on the extent of such understanding or application. Some parts may be incomplete.
In the 50-59% range.
N Not satisfactory
failure to meet the basic requirements of the assessment.
Below 50%.
Assignment return
We will aim to have assignment results made available to you within two weeks after assignment receipt.
Feedback
Feedback to you
You will receive feedback on your work and progress in this unit. This feedback may be provided through your participation in tutorials and class discussions, as well as through your assignment submissions. It may come in the form of individual advice, marks and comments, or it may be provided as comment or reflection targeted at the group. It may be provided through personal interactions, such as interviews and on-line forums, or through other mechanisms such as on-line self-tests and publication of grade distributions.
Feedback from you
You will be asked to provide feedback to the Faculty through a Unit Evaluation survey at the end of the semester. You may also be asked to complete surveys to help teaching staff improve the unit and unit delivery. Your input to such surveys is very important to the faculty and the teaching staff in maintaining relevant and high quality learning experiences for our students.
And if you are having problems
It is essential that you take action immediately if you realise that you have a problem with your study. The semester is short, so we can help you best if you let us know as soon as problems arise. Regardless of whether the problem is related directly to your progress in the unit, if it is likely to interfere with your progress you should discuss it with your lecturer or a Community Service counsellor as soon as possible.
Plagiarism and cheating
Plagiarism and cheating are regarded as very serious offences. In cases where cheating has been confirmed, students have been severely penalised, from losing all marks for an assignment, to facing disciplinary action at the Faculty level. While we would wish that all our students adhere to sound ethical conduct and honesty, I will ask you to acquaint yourself with Student Rights and Responsibilities and the Faculty regulations that apply to students detected cheating as these will be applied in all detected cases.
In this University, cheating means seeking to obtain an unfair advantage in any examination or any other written or practical work to be submitted or completed by a student for assessment. It includes the use, or attempted use, of any means to gain an unfair advantage for any assessable work in the unit, where the means is contrary to the instructions for such work.
When you submit an individual assessment item, such as a program, a report, an essay, assignment or other piece of work, under your name you are understood to be stating that this is your own work. If a submission is identical with, or similar to, someone else's work, an assumption of cheating may arise. If you are planning on working with another student, it is acceptable to undertake research together, and discuss problems, but it is not acceptable to jointly develop or share solutions unless this is specified by your lecturer.
Intentionally providing students with your solutions to assignments is classified as "assisting to cheat" and students who do this may be subject to disciplinary action. You should take reasonable care that your solution is not accidentally or deliberately obtained by other students. For example, do not leave copies of your work in progress on the hard drives of shared computers, and do not show your work to other students. If you believe this may have happened, please be sure to contact your lecturer as soon as possible.
Cheating also includes taking into an examination any material contrary to the regulations, including any bilingual dictionary, whether or not with the intention of using it to obtain an advantage.
Plagiarism involves the false representation of another person's ideas, or findings, as your own by either copying material or paraphrasing without citing sources. It is both professional and ethical to reference clearly the ideas and information that you have used from another writer. If the source is not identified, then you have plagiarised work of the other author. Plagiarism is a form of dishonesty that is insulting to the reader and grossly unfair to your student colleagues.
Communication
Communication methods
Talk to the lecturer at the end of the lecture.
Notices
The issues related to this unit will be discussed in the begining of the class. Failiure to attend the lectures cannot be the grounds for special consideration.
Consultation Times
The details of the consultation times will be provided in the lecture.
If direct communication with your unit adviser/lecturer or tutor outside of consultation periods is needed you may contact the lecturer and/or tutors at:
All email communication to you from your lecturer will occur through your Monash student email address. Please ensure that you read it regularly, or forward your email to your main address. Also check that your contact information registered with the University is up to date in My.Monash.