WebTycho

UMUC Europe Home

Undergraduate Programs

Portal

Graduate | Current Syllabi | Term001 |

THE UNIVERSITY SYSTEM OF MARYLAND

BOWIE STATE UNIVERSITY

GRADUATE PROGRAM IN MANAGEMENT INFORMATION SYSTEMS

INSS 635 SECURITIES CONTROL AND AUDIT INFORMATION

Location : RAF Lakenheath UK

Dates : Weekends 26/27 August; 9/10,23/24 September; 7/8 October 2000

Times :0900-1600 (Lunch 1200-1300)

Instructor : Chris Payne PhD.

Prerequisite : either INSS 510, INSS 520, INSS 530 or instructor permission

Texts : 1. Web Security and Commerce by Simson Garfinkel and Gene Spafford Published by O’Reilly & Associates Inc. 1997 ISBN 1-56592-269-7

2. Information Warfare and Security by Dorothy E. Denning Published by Addison-Wesley 1999 ISBN 0201433036

Course Description : Introduces ADP audit and control methods with emphasis on information systems controls. ADP security, type of ADP audit, concepts and techniques used in ADP audits are discussed. It also examines exposure to risk assessment and professional standards in the field of ADP auditing and internal control policy and procedures.

Course Objectives : At the conclusion of this course, the student will be able to :

1. understand the vulnerabilities of information systems and the importance of securing them effectively;

2. understand the basic techniques of data encryption;

3. appreciate the need for firewalls and understand their modes of operation;

4. be able to understand the basic principles of physical security;

5. appreciate the need for risk analysis, a comprehensive security policy and diligent security management.

6. understand the security aspects of information warfare.

Course Requirements : The course will be graded on the following components

Midterm Exam 35%

Final Exam 35%

Term Paper 30%

Grades : The following grades will be awarded.

A 93-100%

B 80-92%

C 70-79%

F(a) Below 70%

F(n) Regular non-attendance

The grade of I-Incomplete will only be awarded in exceptional circumstances e.g. unavoidable TDY or extenuating personal circumstances. Students are requested to inform the instructor of any possible changes to their schedules.

Schedule of Classes

*Meeting #*	*Topic of class*	*Garfinkel/Spafford*	*Denning*
1	Introduction and Overview	1	1
2	Web Security	2	2-3
3	Browsers and Downloading	3-4	4-5
4	Privacy Issues	5
5	Digital Certificates	6-9
6	Encryption	10	11
7	Encryption	11	12
8	Midterm Exam
9	Client Server Security	12-15
10	Hackers and Hacking		9
11	Viruses		10
12	Digital Signatures and Certificates	16
13	Access Controls		6,13
14	Risk Assessment and Mangement		14
15	Information Warfare		15
16	Final Exam and Term Paper hand-in

The Exams : There will be a midterm and a final exam . These will each consist of 10 questions requiring short essay-type answers. They are both ‘closed-book’ and the final exam. is not comprehensive i.e. it will cover only that part of the syllabus covered in the latter half of the term. A list of study guide topics will be presented in advance.

Term Paper : Students will be required to submit a term paper on the subject of some relevant branch of the subject of computer and information systems security. This paper will be completed individually and will be a report of the student’s own research. A target length is 6000 words. The subject matter etc. will be discussed in the first class meeting.

Instructor Contact

Your Instructor : An instructor biography is available on http://www.uomd.freeserve.co.uk

Office Hours : Before or after class or by appointment out of class hours.

Email : chris_payne@uomd.freeserve.co.uk

10037.2314@compuserve.com

Phone : 01895 257627

041046 1770 (Mobile)

Addresses :

Graduate Program, University of Maryland, IM Bosseldorn 30 ,69126 Heidelberg

Graduate Program, University of Maryland, Unit 29216,APO AE 09102

45 Rockingham Road, Uxbridge, Middlesex UB8 2TZ, United Kingdom

Dr. Chris Payne

London , UK

July 2000

Return to: Graduate Programs Syllabi