Module Details

The information contained in this module specification was correct at the time of publication but may be subject to change, either during the session because of unforeseen circumstances, or following review of the module at the end of the session. Queries about the module should be directed to the member of staff with responsibility for the module.
Title: SECURITY ENGINEERING AND COMPLIANCE
Code: CKIT511
Coordinator: Mr K Dures, Computer Science, K.Dures@liverpool.ac.uk
Year: Session 2021-22
CATS Level: Level 7 FHEQ
Semester: Whole Session
CATS Value: 15

Aims

To provide students with a core understanding of the principles and practice of building secure distributed systems. To provide students with experience of how to address practical security problems.


Learning Outcomes

(LO1) An in-depth and critical understanding of information security concepts and models.

(LO2) An in-depth and wide-ranging understanding of the principles and best practices for protecting information systems and critical infrastructures through prevention, detection and response cycles.

(LO3) A wide-ranging capability to identify threats, design security infrastructures and defeat attacks on information systems.

(LO4) A comprehensive ability to develop security compliance policies according to industry standards.

(LO5) A substantial capability to carry out penetration testing and perform risk assessment for an organisation.

(S1) Organisational skills

(S2) Communication skills

(S3) IT skills

(S4) Communication and collaboration online: participating in digital networks for learning and research

(S5) Learning skills online: studying and learning effectively in technology-rich environments, formal and informal


Syllabus

 

Week 1: Introduction
Basics of information security engineering through studying several examples. The Open System Interconnection (OSI) security architecture that provides a common framework for both security protocols development and analysis.

Week 2: Password, Access Controls and Distributed Systems
Password and social engineering issues, technical protection of passwords, operating system access control, Role Based Access Control (RBAC), distributed systems security, fault-tolerance and failure recovery.

Week 3: Basic Cryptology
Symmetric encryption: DES, TDES, AES; symmetric authentication; asymmetric encryption and digital signature: RSA, DSA; key management, Public Key Infrastructure and related standards and practical examples.

Week 4: Security policy models, Nuclear command and control
The Reference Monitor (RM) concept, Multilevel Security (MLS), security policy models, Trusted Computing Platform Architecture (TCPA), nuclear command and control.

Week 5: Physical security and biometrics
Biometrics, physical tamper resistance, smart cards, Identity Based Cryptography (IBC), monitoring systems, emission security.

Week 6: Network and Internetworking security, digital content protection
The most common attacks on Internet systems, Distributed Denial of Service (DDoS) attacks, antivirus tools, intrusion detection, firewall, IETF protocols (TLS/SSL, IPSec, VPN, PKI, S/MIME), host-to-host and end-to-end security, XML digital signature, XML encryption.

Week 7: eCommerce Security, Copyright, and Privacy
Technology for eCommerce, payment systems, copyright and privacy.

Week 8: Management Issues, and System Evaluation and Assurance
Security management, security controls, security development lifecycle, system evaluation and assurance.


Teaching and Learning Strategies

Teaching Method 1 - Virtual classroom hours (for online modules)
Description:
Teaching Method 2 - Non-classroom hours (for online modules)
Description:

Teaching Method
Online Learning

Description
Weekly seminar supported by asynchronous discussion in a virtual classroom environment facilitated by an online instructor.

Attendance Recorded
Yes

Notes
Students are expected to attend the virtual classroom for 7.5 hours per week, participating in discussion and dedicating time to group work and individual assessment.

Self-Directed Learning Description: Students are expected to devote 11.25 hours per week to reading, research and other individual work to support engagement in the classroom.


Teaching Schedule

  Lectures Seminars Tutorials Lab Practicals Fieldwork Placement Other TOTAL
Study Hours           60

60
Timetable (if known)              
Private Study 90
TOTAL HOURS 150

Assessment

EXAM, Duration, Timing (Semester), % of final mark, Resit/resubmission opportunity, Penalty for late submission, Notes

CONTINUOUS, Duration, Timing (Semester), % of final mark, Resit/resubmission opportunity, Penalty for late submission, Notes
Essay: Module Project Part 5 - security policies Standard UoL penalty applies for late submission. This is not an anonymous assessment. Assessment Schedule (When): Week 8  one week/500-650 wor
Practical: Penetration Testing Project Standard UoL penalty applies for late submission. This is not an anonymous assessment. Assessment Schedule (When): Week 7  one week / project i
Essay: Module Project Part 4 - risk analysis and assessment Standard UoL penalty applies for late submission. This is not an anonymous assessment. Assessment Schedule (When): Week 5  one week/500-650 wor    10
Essay: Module Project Part 3 - compliance & legal standards Standard UoL penalty applies for late submission. This is not an anonymous assessment. Assessment Schedule (When): Week 4  one week/500-650 wor
Essay: Module Project Part 2 – security strategy & policy Standard UoL penalty applies for late submission. This is not an anonymous assessment. Assessment Schedule (When): Week 3  one week/500-650 wor
Essay: Module Project Part 1 - security models Standard UoL penalty applies for late submission. This is not an anonymous assessment. Assessment Schedule (When): Week 2  one week/500-650 wor
Practical: Firewall and Intrusion Detection System design and implementation. Standard UoL penalty applies for late submission. This is not an anonymous assessment. Assessment Schedule (When): We  one week /project in    10

Recommended Texts

Reading lists are managed at readinglists.liverpool.ac.uk.