Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction University of Sunderland CSEM02 Harry R Erwin, PhD Peter Dunne, PhD.

Published byPrimrose Vivien Bryan Modified over 9 years ago

Similar presentations

Presentation on theme: "Introduction University of Sunderland CSEM02 Harry R Erwin, PhD Peter Dunne, PhD."— Presentation transcript:

1 Introduction University of Sunderland CSEM02 Harry R Erwin, PhD Peter Dunne, PhD

2 Purpose The purpose of CSEM02 is to prepare a post-graduate student for an entry-level network security position. We concentrate on the skills needed to do staff analyses of security requirements.

3 Responsibility Dr. Harry Erwin is the Module Leader for CSEM02 at the University of Sunderland. Dr. Peter Dunne is the co-Module Leader. Dr. Erwin has 35 years of experience as a software systems engineer and security engineer (mostly at TRW) for high-reliability systems. He supervises final year/MSc projects and PhD research in intelligent systems, security, and software engineering. E-mail: harry.erwin@sunderland.ac.uk or herwin@theworld.comharry.erwin@sunderland.ac.uk herwin@theworld.com

4 Responsibility (II) Dr. Dunne has expertise in numerical analysis and software engineering, a background in cryptography, and is the programme leader for a number of MSc programmes. E-mail: peter.dunne@sunderland.ac.ukpeter.dunne@sunderland.ac.uk

5 Objectives To develop a critical awareness of the current state of information system security: –Threats –Legal policies –Security technology –Security architectures

6 Learning Outcomes Knowledge –An understanding of the processes of security engineering, including risk analysis, requirements analysis and trust analysis. –An awareness of the tradeoffs involved in producing a security solution and architecture definition. –An understanding of the technologies available to implement a proposed security solution. –An awareness of developments in security technology. Abilities –Produce security solutions for particular situations. –Implement simple security solutions for small networks.

7 Indicative Content 1.Security engineering processes - risk, trust and security analysis. 2.Security policies. 3.Legal context. 4.Security objectives and mechanisms. 5.Symmetric and asymmetric cryptography. 6.Access control, authentication and audit mechanisms. 7.Secure programming techniques. 8.Firewalls and intrusion detection systems. 9.Security testing. 10.Incident response.

8 Outline 24 Lectures 12 Tutorials 12 Practical sessions Students will do individual presentations (30%). One group project (30%, not programming). We use problem-based learning (PBL). A comprehensive take-home assessment (40%). We can use http://webct.sunderland.ac.uk for communication, discussions, and submitting coursework.http://webct.sunderland.ac.uk

9 Administrivia The module handbook is posted here: http://osiris.sunderland.ac.uk/~cs0her/CSE M02HandbookMB.html http://osiris.sunderland.ac.uk/~cs0her/CSE M02HandbookMB.html and is also posted here: http://scat-he- g4.sunderland.ac.uk/~harryerw/CSEM02Ha ndbookMB.htmlhttp://scat-he- g4.sunderland.ac.uk/~harryerw/CSEM02Ha ndbookMB.html We may use WebCT to communicate: http://webct.sunderland.ac.uk http://webct.sunderland.ac.uk

10 Textbooks Key text that students must buy: –Matt Bishop, 2003, Computer Security: Art and Science, Addison-Wesley, ISBN: 0-201-44099-7. Reference text that students must be able to access readily: –Simson Garfinkel, Gene Spafford and Alan Schwartz, 2003, Practical Unix and Internet Security, 3rd Edition, O`Reilly, ISBN: 0-596-00323-4

11 Support Texts Other texts you should know where to find: –B. Schneier, 2000, Secrets and Lies, Wiley. –P. Neumann, 1995, Computer-Related Risks, Addison- Wesley. –Anderson, 2001, Security Engineering, Wiley, ISBN: 0-471- 38922-6. (Available free electronically) –Rescorla, E., 2001, SSL and TLS, Pearson Education. –Amoroso, 1999, Intrusion Detection, Intrusion.net. –Barrett and Silverman, 2001, SSH, the Secure Shell, O’Reilly. –Niels Ferguson, Bruce Schneier, 2003, Practical Cryptography, Wiley. –Scott Oakes, 2001, Java Security, 2nd Edition, O`Reilly

12 Material Covered Probabilistic Risk Analysis Trust Analysis (Sloman and Grandison) Legal Issues and Policies The Security Analysis Process Chapter 1, Overview Chapter 2, Access Control Chapter 3, Foundations Chapter 4, Security Policies

13 Material Covered Chapter 9, Basic Cryptography Chapter 10, Key Management Chapter 11, Cipher Techniques Chapter 13, Design Principles Chapter 14, Identity Chapter 15, Access Control (optional) Chapter 18, Assurance

14 Material Covered Chapter 23, Vulnerability Analysis (optional) Chapter 24, Auditing Chapter 25, Intrusion Detection Chapter 26, Network Security Chapter 27, System Security Chapter 28, User Security (optional) Chapter 29, Program Security (optional) Java Security

15 Lectures and Tutorials We are planning on about 25 45-minute lectures. Be here on time, please. There will be breaks. We are planning tutorials and discussion sessions in DGIC-220.

16 Course Marking Everything is coursework. Coursework mark must be at least 40% for you to pass. Written assignments may be submitted in essay or report format. Referencing your sources is required. During marking, assignments will be compared to determine if there is evidence for collaboration or cheating.

17 Questions?

Download ppt "Introduction University of Sunderland CSEM02 Harry R Erwin, PhD Peter Dunne, PhD."

Similar presentations

Web Applications Development

Web Applications Development
Refreshing institutional policies around academic integrity: a focus on student training Dr Neil Morris Faculty of Biological Sciences.

Refreshing institutional policies around academic integrity: a focus on student training Dr Neil Morris Faculty of Biological Sciences.
COMP 5138 Relational Database Management Systems Sem2, 2007 Lecture 0 Course Overview.

COMP 5138 Relational Database Management Systems Sem2, 2007 Lecture 0 Course Overview.
Chapter 1  Introduction 1 Chapter 1: Introduction.

Chapter 1  Introduction 1 Chapter 1: Introduction.
Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”
CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Course Introduction.

CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Course Introduction.
Computer Security 1 [COMPGA01] Nicolas T. Courtois - University College London.

Computer Security 1 [COMPGA01] Nicolas T. Courtois - University College London.
Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.

Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.
1 MM2711 Introduction to Marketing. 2 Teaching Staff LECTURER & SEMINAR LEADERCONSULTATION HOURS LEUNG Chi-hongTue: 14:30 – 16:30 Room: M912Thu: 13:30.

1 MM2711 Introduction to Marketing. 2 Teaching Staff LECTURER & SEMINAR LEADERCONSULTATION HOURS LEUNG Chi-hongTue: 14:30 – 16:30 Room: M912Thu: 13:30.
How to Prepare for the Fall Exam COM380/CIT304 Harry Erwin, PhD University of Sunderland.

How to Prepare for the Fall Exam COM380/CIT304 Harry Erwin, PhD University of Sunderland.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Creation of Policies, Part.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Creation of Policies, Part.
Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”
Overview CSE 465 Information Assurance

Overview CSE 465 Information Assurance
Winter 2008Logistics1 Advanced Computer Networks Prof. Venus W. Samawi Welcome to Time: 2pm –5pm Tuesday Winter 2008 3 credits.

Winter 2008Logistics1 Advanced Computer Networks Prof. Venus W. Samawi Welcome to Time: 2pm –5pm Tuesday Winter credits.
Academic Support for International Students in the Department of Psychology at the University of York Presented by: Kim Manderson, International Student.

Academic Support for International Students in the Department of Psychology at the University of York Presented by: Kim Manderson, International Student.
Multidisciplinary Research Methods Training Professor Linda A Lawton Graduate School Leader & Director of PgCert Research Methods.

Multidisciplinary Research Methods Training Professor Linda A Lawton Graduate School Leader & Director of PgCert Research Methods.
Teaching Security via Problem- based Learning Scenarios Chris Beaumont Senior Lecturer Learning Technology Research Group Liverpool Hope University College.

Teaching Security via Problem- based Learning Scenarios Chris Beaumont Senior Lecturer Learning Technology Research Group Liverpool Hope University College.
A First Course in Information Security

A First Course in Information Security
G53SEC Computer Security Introduction to G53SEC 1.

G53SEC Computer Security Introduction to G53SEC 1.
Intelligent Systems Programming COMM2M Harry R. Erwin, PhD University of Sunderland.

Intelligent Systems Programming COMM2M Harry R. Erwin, PhD University of Sunderland.

Similar presentations

Ads by Google