UMUC-EUROPE GRADUATE PROGRAMS
BOWIE STATE UNIVERSITY

INSS635 Syllabus

Course Title: Securities Control & Audit Information Systems
Term: TERM 3, 2003/2004
Education Center: SHAPE-GRAD
Faculty Member: Nafia Gungordu - fgungord@faculty.ed.umuc.edu

Faculty Contact Information:

E-mail: fgungord@faculty.ed.umuc.edu. More information will be given during the first meeting of class, January 24, 2004.

Consultation:

Meeting dates: Weekends 24/25 Jan, 7/8, 21/22 Feb, and 6/7 Mar

Meeting hours: 9:00 - 16:00 (morning: 9:00 - 12:00, afternoon: 13:00 - 16:00)

Office Hours: Before or after class by appointment.

Required Texts and Readings:

Whitman, M. and Mattord, J. (2003). Principles of Information Security. Boston, MA: Thompson - Course Technology.

Supplementary Readings:

The standard for papers in the graduate program is the APA style. All participants in this course and all graduate INSS, MGMT, PUAD, and ECON courses should have a copy of the style guide:
American Psychological Association. (2001). Publication Manual of the American Psychological Association, 5th Edition. Washington DC: Author.

All graduate students should be prepared to utilize the UMUC online library at http://www.umuc.edu/library/. The library contains a large number of full text academic journals that are free of charge and immediately available. The library homepage also contains a number of links related to improving students' research and writing skills.

A list of recommended links on Information Security will be distributed in class.

Recommended Journals:

Publications of the various professional societies (such as ACM -- the Association for Computing Machinery, the IEEE Computing Society, and the various management professional societies) are strongly recommended.  In addition, there are many trade journals (such as eWEEK) that MIS professionals should become familiar with, many of these being published both weekly and on-line.

Course Description:

3 semester hours credit.  Prerequisites: Either INSS 510, INSS 520, INSS 530,  or permission of the Program Director.  Explores security policies, models, and mechanics for secrecy, integrity, and availability.  Topics include operating systems models and mechanisms for mandatory and discretionary controls;  data models, concepts, and mechanisms for database security;  basic cryptography and its applications;  security in computer networks and distributed systems;  as well as control and prevention of viruses and other malicious programs.

Course Goals:

Upon completion of the course, participants should:
1. Understand the threats, vulnerabilities and risks associated with an information system infrastructure
2. Understand the security issues in network systems
3. Have a basic understanding of cryptography
4. Be familiar with cryptographic technologies, including symmetric key and asymmetric key cryptosystems
5. Have a basic understanding of firewalls, routers and protocols in communication systems
6. Be familiar with Risk Management practices
7. Be able to distinguish between business continuity and disaster recovery
8. Develop an understanding of laws and ethics regarding information systems security

Course Objectives:

At the conclusion of this course the student will be able to:
1. Identify the resources of an information system that must be protected
2. Distinguish information security from operations and physical security
3. List potential security threats, vulnerabilities and risks of information systems, particularly on the network
4. Define and discuss the role of cryptography
5. Evaluate various data encryption methods
6. Identify various control mechanisms used to prevent, detect and correct errors in an information system
7. Define the responsibilities of Security Administrators
8. Be able to develop a disaster recovery plan for an information system
9. Develop standards, guidelines and procedures to implement security policy in an information system

Grading Information:

Grades for this course will be assigned as follows:
 
    A     92%
    B     80 – 91%
    C     70 – 79%
    F     Below 70%
 
Please note that Bowie State University does not use "D" for graduate students. The grade F(a) is used to designate academic failure. F(n) is used to designate failure for non-completion.  Grades of Incomplete or Withdrawal are governed by UMUC-Europe policies. For further details, please refer to the UMUC-Europe Graduate Catalog, available in your local Education Center or online at http://www.ed.umuc.edu/general_info/publications/catalogs.

Course Requirements:

Graduate school at the masters level focuses on helping students obtain the education needed for success as professionals in their chosen fields. Thus, UMUC-Europe Graduate Programs and Bowie State University share the common goals of promoting excellence in academic scholarship through thoughtful inquiry and the skillful application of knowledge and theory for the betterment of society.
 
In order to maximize your graduate educational experience in general and this course in particular, you are required to:
 
10% - Participate in classroom discussions
30% - Complete graduate level project and orally/visually present prepared material
20% - Complete two assignments (10% each)
20% - Complete midterm exam
20% - Complete final exam

Description of Course Requirements:

Participate in classroom discussions: You are expected to come to class prepared to engage in all discussions in a professional and informed manner. Usually this requires two to three hours for every hour of a face-to-face class.
 
Complete graduate level projects and orally/visually present prepared material: Students are required to develop a thorough understanding of a topic related to information security. The list of topics will be announced in class. Students are expected to do extensive research on an assigned topic and orally/visually present their work to the class. You are required to conduct professional-level research, including appropriately citing works of others and avoiding plagiarism. The paper and the presentation must be conducted in a professional manner. In a face-to-face course, this typically means an oral presentation accompanied by appropriate visual material. Students may work in teams. Further details will be discussed during the first meeting of class.

Complete two assignments (10% each): Students are required to write two papers on selected topics in Information Security. Assignment topics will be announced in class. The due dates are indicated in the Course Schedule. Assignments must be submitted no later than the due dates for full credit. Submission up to one week late is allowed, but 20% will be deducted from the grade for that assignment. Any assignment that is more than a week late will not be graded.

Complete midterm and final examinations: The examination process in this class will assist you in developing the writing and critical thinking skills necessary for successfully passing the comprehensive exam required of all graduate students. The exams are designed to be 30% vocabulary/multiple choice/problems and 70% essay question(s). The vocabulary part of the exams will be closed book; the essay part will be open book/open notes. The essay questions used for this course will either be taken directly from past comprehensive exams or written as though to be included on a comprehensive exam.

Note: Please remember that absences or late submissions beyond your control for any assignment and/or exam give you the right to make up the work that you've missed. However, the student must contact the instructor and make arrangements before the due dates of the assignments, project and/or the exams.

Course Schedule:

This schedule presents 16 units or modules, with each unit corresponding to a half-day on weekends.
 
Initial meeting: 24 January: Morning (9:00-12:00)
Introductions
Review of syllabus
Clarification of goals, objectives and requirements
Orientation to subject
Chapter 1: Introduction to Information Security
 
Second meeting: 24 January: Afternoon (13:00-16:00)
Chapter 2: The Need for Security

Third meeting: 25 January: Morning (9:00-12:00)
Chapter 3: Legal, Ethical and Prof. Issues in Information Security
 
Fourth meeting: 25 January: Afternoon (13:00-16:00)
Chapter 4: Risk Management: Identifying and Assessing Risk
 
Fifth meeting: 7 February: Morning (9:00-12:00)
Chapter 5: Risk Management: Assessing and Controlling Risk
Assignment 1 - Due Date: 7 February
 
Sixth meeting: 7 February: Afternoon (13:00-16:00)
Chapter 6: Blueprint for Security
 
Seventh meeting: 8 February: Morning (9:00-12:00)
Chapter 7: Planning for Continuity
 
Eighth meeting: 8 February: Afternoon (13:00-16:00)
Midterm Exam (Chapters 1 - 7)
 
Ninth meeting: 21 February: Morning (9:00-12:00)
Chapter 8: Security Technology
Assignment 2 - Due Date: 21 February
 
Tenth meeting: 21 February: Afternoon (13:00-16:00)
Appendix A: Cryptography
 
Eleventh meeting: 22 February: Morning (9:00-12:00)
Chapter 9: Physical Security
 
Twelfth meeting: 22 February: Afternoon (13:00-16:00)
Chapter 10: Implementing Security
 
Thirteenth meeting: 6 March: Morning (9:00-12:00)
Chapter 11: Security and Personnel
 
Fourteenth meeting: 6 March: Afternoon (13:00-16:00)
Chapter 12: Information Security Maintenance
 
Fifteenth meeting: 7 March: Morning (9:00-12:00)
Final Examination Chapters 1-12 & Appendix A
 
Sixteenth meeting: 7 March: Afternoon (13:00-16:00)
Presentation of Projects

         

Academic Policies:

Please refer to the UMUC - Europe Graduate Catalog, available online at http://www.ed.umuc.edu/general_info/publications/catalogs/index.html or from your local Education Center, for information on the following:
        Academic Integrity
        Course Load
        Exception to Policy
        Grade Appeal Process
        Make-up Examinations
        Nondiscrimination
        Students with Disabilities

Faculty Bio:

Nafia Filiz Gungordu is an Adjunct Associate Professor with UMUC European Division. She received her BS in Electrical Engineering (1976) and her MS in Computer Science (1978) from Bosphorus University, Istanbul, Turkey. She has taught mathematics and computer science courses at Bosphorus University, Istanbul, Turkey; European Business School, Brussels, Belgium; and City Colleges of Chicago, Brussels, Belgium. She has been with UMUC European Division since 1988 and with the Bowie State University Graduate Management Information Systems (MIS) program since 1999.


Last updated by Nafia Gungordu: December 3, 2003, 3:30 pm
Find this syllabus linked from the schedule at: http://www.ed.umuc.edu/schedule