Accessibility Skip to Global Navigation Skip to Local Navigation Skip to Content Skip to Search Skip to Site Map Menu

COMP210 Information Assurance

Security policy, access control techniques, biometrics, intrusion monitoring, malicious code, communications security (cryptography), physical security, electronic forensics, mobile phone issues, and continuity and resiliency planning.

In today's world everything is controlled and/or driven by computers. Just about everything we do is impacted by a computer somewhere - whether it's flying, filing your tax return, going to the hospital, working on an assignment for university at home, surfing the internet, participating in an email exchange or a Skype conversation, or using your smartphone for whatever purpose. The list goes on and on.

Because of the ubiquitous nature of this technology and the level to which it impacts each and every one of us, it becomes apparent that protecting the various aspects of computing is vital to the continuity and proper functioning of this technology. In fact there are not enough trained or qualified professionals to fill the constant need for those who are able to provide protective and defensive measures.

That notwithstanding, protecting your own usage of computing entails knowledge of exactly what the threats are and how to mitigate those threats. Each of us must put measures in place to protect our own informational assets.

COMP 210 Information Assurance (aka computer security) provides the student with a foundational understanding of what is at stake and how to defend and protect information assets, whether they be your own or those of the business you work in. This knowledge is really not optional - it is vital to the continuity of every computing service that each of us uses. In business it is an essential imperative.

Paper title Information Assurance
Paper code COMP210
Subject Computer and Information Science
EFTS 0.1500
Points 18 points 18 points
Teaching period(s) First Semester, Second Semester
Domestic Tuition Fees (NZD) $1,059.15
International Tuition Fees (NZD) $4,627.65

^ Top of page

36 100-level points
INFO 393, INFO 403
Schedule C
Arts and Music, Commerce, Science
This paper is suitable for those who have worked with and/or have used computers. Knowledge of programming or system design is not a requirement.

Professor Holger Regenbrecht,

Teaching staff

To be confirmed

Paper Structure
  1. What is Information Assurance?
  2. Ethics and Privacy
  3. Policy: The Foundation of Security Practice
  4. Security Management Concepts and Principles
  5. Risk Management and Security Awareness Training
  6. Introduction to Cryptography - Part I
  7. Introduction to Cryptography - Part II
  8. Cryptography and Private Key Algorithms
  9. Identification and Authentication Techniques
  10. Access Control Techniques - Biometrics
  11. Access Control Methodologies and Implementation
  12. Physical Security Requirements - Part I
  13. Physical Security Requirements - Part II
  14. Penetration Testing - Methods of Attack
  15. Attacks and Monitoring - Intrusion Detection
  16. Communications Security and Countermeasures
  17. Mobile Device Security - Part I
  18. Mobile Device Security - Part II
  19. Data and Application Security issues
  20. Malicious Code and Application Attacks
  21. Cloud Computing Issues
  22. Big Data - Security and Privacy
  23. Electronic Forensics - Part I
  24. Electronic Forensics - Part II
  25. Information Assurance - A Holistic Necessity
  26. Review for Final Exam
Teaching Arrangements
There are no tutorials. This is a practical paper based on lectures, additional readings,and internal research assignments.
There is a course reader that will be distributed in the first lecture.

Other texts and/or reference material will be recommended orprovided.
Course outline
View the most recent Course Outline
Graduate Attributes Emphasised
Lifelong learning, Communication, Critical thinking, Ethics, Information literacy, Self-motivation.
View more information about Otago's graduate attributes.
Learning Outcomes
Students who successfully complete the paper will be able to:
  1. Identify risks associated with computer usage, storage, communications and mobile phone use and know how to mitigate those risks (critical thinking, business environment, disciplinary knowledge)
  2. Discuss the issues and principles of ethics and privacy - not only from an ICT perspective, but also from a general business perspective - and discuss how these issues apply to a professional career (critical thinking, business environment, disciplinary knowledge)
  3. Describe the basic properties of cryptography and be in a position to know when and where to use this technology, as well as understand the differences between good and bad cryptography in order to be able to make secure use of this tool (critical thinking, business environment, disciplinary knowledge)
  4. Critically evaluate physical security methods and, in particular, where and how these are applied to computing (critical thinking, business environment, disciplinary knowledge)
  5. Discuss the principles of electronic forensics what can be achieved with it, what cannot be achieved by its use, and when and how to use it (critical thinking, business environment, disciplinary knowledge)
  6. Understand the importance of authentication systems, the relative strengths of the various authentication regimes currently in use and how intrusion detection works, as well as when and where to make use of penetration testing techniques (critical thinking, business environment, disciplinary knowledge)

^ Top of page


First Semester

Teaching method
This paper is taught On Campus
Learning management system


Stream Days Times Weeks
L1 Wednesday 17:00-17:50 9-16, 18-22
Thursday 17:00-17:50 9-16, 18-22

Second Semester

Teaching method
This paper is taught On Campus
Learning management system


Stream Days Times Weeks
L1 Wednesday 17:00-17:50 28-34, 36-41
Thursday 17:00-17:50 28-34, 36-41