Security policy, access control techniques, biometrics, intrusion monitoring, malicious code, communications security (cryptography), physical security, electronic forensics, mobile phone issues, and continuity and resiliency planning.
In today's world everything is controlled and/or driven by computers. Just about everything
we do is impacted by a computer somewhere - whether it's flying, filing your tax return,
going to the hospital, working on an assignment for university at home, surfing the
internet, participating in an email exchange or a Skype conversation, or using your
smartphone for whatever purpose. The list goes on and on.
Because of the ubiquitous nature of this technology and the level to which it impacts each and every one of us, it becomes apparent that protecting the various aspects of computing is vital to the continuity and proper functioning of this technology. In fact there are not enough trained or qualified professionals to fill the constant need for those who are able to provide protective and defensive measures.
That notwithstanding, protecting your own usage of computing entails knowledge of exactly what the threats are and how to mitigate those threats. Each of us must put measures in place to protect our own informational assets.
COMP 210 Information Assurance (aka computer security) provides the student with a foundational understanding of what is at stake and how to defend and protect information assets, whether they be your own or those of the business you work in. This knowledge is really not optional - it is vital to the continuity of every computing service that each of us uses. In business it is an essential imperative.
|Paper title||Information Assurance|
|Subject||Computer and Information Science|
|Points||18 points 18 points|
|Teaching period(s)||First Semester, Second Semester|
|Domestic Tuition Fees (NZD)||$1,059.15|
|International Tuition Fees (NZD)||$4,627.65|
- 36 100-level points
- INFO 393, INFO 403
- Schedule C
- Arts and Music, Commerce, Science
- This paper is suitable for those who have worked with and/or have used computers. Knowledge of programming or system design is not a requirement.
Professor Holger Regenbrecht, email@example.com
- More information link
- View more information on COMP 210
- Teaching staff
To be confirmed
- Paper Structure
- What is Information Assurance?
- Ethics and Privacy
- Policy: The Foundation of Security Practice
- Security Management Concepts and Principles
- Risk Management and Security Awareness Training
- Introduction to Cryptography - Part I
- Introduction to Cryptography - Part II
- Cryptography and Private Key Algorithms
- Identification and Authentication Techniques
- Access Control Techniques - Biometrics
- Access Control Methodologies and Implementation
- Physical Security Requirements - Part I
- Physical Security Requirements - Part II
- Penetration Testing - Methods of Attack
- Attacks and Monitoring - Intrusion Detection
- Communications Security and Countermeasures
- Mobile Device Security - Part I
- Mobile Device Security - Part II
- Data and Application Security issues
- Malicious Code and Application Attacks
- Cloud Computing Issues
- Big Data - Security and Privacy
- Electronic Forensics - Part I
- Electronic Forensics - Part II
- Information Assurance - A Holistic Necessity
- Review for Final Exam
- Teaching Arrangements
- There are no tutorials. This is a practical paper based on lectures, additional readings,and internal research assignments.
- There is a course reader that will be distributed in the first lecture.
Other texts and/or reference material will be recommended orprovided.
- Course outline
- View the most recent Course Outline
- Graduate Attributes Emphasised
- Lifelong learning, Communication, Critical thinking, Ethics, Information literacy,
View more information about Otago's graduate attributes.
- Learning Outcomes
- Students who successfully complete the paper will be able to:
- Identify risks associated with computer usage, storage, communications and mobile phone use and know how to mitigate those risks (critical thinking, business environment, disciplinary knowledge)
- Discuss the issues and principles of ethics and privacy - not only from an ICT perspective, but also from a general business perspective - and discuss how these issues apply to a professional career (critical thinking, business environment, disciplinary knowledge)
- Describe the basic properties of cryptography and be in a position to know when and where to use this technology, as well as understand the differences between good and bad cryptography in order to be able to make secure use of this tool (critical thinking, business environment, disciplinary knowledge)
- Critically evaluate physical security methods and, in particular, where and how these are applied to computing (critical thinking, business environment, disciplinary knowledge)
- Discuss the principles of electronic forensics what can be achieved with it, what cannot be achieved by its use, and when and how to use it (critical thinking, business environment, disciplinary knowledge)
- Understand the importance of authentication systems, the relative strengths of the various authentication regimes currently in use and how intrusion detection works, as well as when and where to make use of penetration testing techniques (critical thinking, business environment, disciplinary knowledge)