wwwdev@monash.edu.au
Tue Apr 13 14:11:13 EST 1999
Auth: C Whip, University Webmaster's Office
Copyright © Monash University 1998 - All Rights Reserved - Caution
Offered subject to approval
S Lichtenstein
6 points - 3 hours per week - Second semester - Caulfield - Prerequisites: IMS9001 or equivalent, IMS9003 or equivalent, and IMS9049 or equivalent - Prohibitions: SYS3110, SYS3194, SYS4110
Objectives This subject will provide students with a knowledge of security issues in information systems, and will enable them to plan, develop and manage secure information systems. The students will gain knowledge of current information security methodologies and techniques, and knowledge of information security management and policy. Students will develop an understanding of the need for flexible yet strong information security, and the need for professional ethics in information security. Students will develop the skills to apply information security methodologies to the analysis of threats, risks and breaches in an information system, in order to select appropriate information security measures. Students will also develop the skills required to manage information security in an organisation.
Synopsis Review of information security components, principles, problems. types of threats, including hackers, viruses, Review of information security components, principles, problems. Types of threats, including hackers, viruses, natural disasters, fraud. Study of major, real-life, disastrous security breaches. Analysis of breaches, threats and risks. Study of information security philosophies, methods, models, techniques and controls, including risk analysis, access matrices, passwords, smart cards, and auditing. Information security for different applications. Internet security. Ethical and legal issues. Computer crime. Information security management and policy. Internet security management and policy. Information security in the future.
Assessment Assignment: 100%
Prescribed texts
Baskerville R Designing information systems security
Wiley, 1998
Baskerville R Risk analysis: An interpretative feasibility tool in
justifying 1991
Information Systems Security European journal of information systems
vol. 1, no. 2
Caelli W, Longley D and Shain M Information security for managers
Macmillan, 1989
Dillon G and Backhouse J information security: Management
challenge International Thomson Business Press, 1997
Pfleeger C P Security in computing Prentice-Hall, 1989
Smith M Commonsense computer security 2nd edn, McGraw-Hill, 1993
Warman A R Computer security within organisations Macmillan Information
Systems Series, 1993
Wood C C Principles of secure information systems design Computers and
Security, 9, 1990
wwwdev@monash.edu.au
Tue Apr 13 14:11:13 EST 1999