Course Title: Information Assurance and Security

Part A: Course Overview

Course Title: Information Assurance and Security

Credit Points: 12

Course Coordinator: Dr. Peter Bertok

Course Coordinator Phone: +61 3 9925 1851

Course Coordinator Email:peter.bertok@rmit.edu.au

Pre-requisite Courses and Assumed Knowledge and Capabilities

You should have a sound understanding of the following.

• Computer data communications, the structure and protocols of the Internet and the Web. These are normally taught in Web Servers and Web Technology or Data Communication and Net-centric Computing.

Course Description

This course gives an introduction to practical aspects of IT security for system developers, and presents the foundations as well as introduces the major specialisation fields. It looks at the different security mechanisms used in various areas of computing, including operating systems, databases and web-based applications.

For computer systems that are used and relied upon in many areas of life, security has become an important aspect; availability and correct operation are essential. IT professionals working in the field need to be well acquainted with the security features of the tools and applications they use and produce. Protection of data regardless of the information they contain is a critical task, and requires experts. The field of IT security has grown and evolved significantly in recent years, and different areas of specialisation have emerged.

Objectives/Learning Outcomes/Capability Development

This is an introductory course to IT security. The course objective is to demonstrate the overarching importance of IT security in subsequent courses in programming, networking, human computer interaction, databases, operating systems, and web systems.

In this course you will develop the following capabilities.

• Enabling knowledge: you will be able to apply your knowledge of computing and IT security to new situations and learn from the experience
• Critical analysis: you will be able to analyse and evaluate the security of computing and IT systems on a practical level
• Responsibility: you will have a good understanding of legal and privacy issues to designing secure software systems

Upon successful completion of the course students will be able to:

• explain the functioning of security services in computing environments
• understand the types and operation of exploits, such as those used in web-based applications
• describe basic system security mechanisms, such as those used in operating systems, file systems and computer networks
• appreciate the web security issues related to client-side and server-side scripting
• explain the security issues in mobile computing
• analyse privacy related issues in computing

Overview of Learning Activities

This course is delivered in on-campus mode but aims to provide multiple modes of delivery with course materials available electronically wherever possible. Each topic (one topic per week in standard on-campus mode) consists of 2 hours of lectures and 2 hours of supervised tutorial and laboratory work.

The learning activities included in this course are:

• key concepts will be explained in lectures, classes or online, where syllabus material will be presented and the subject matter will be illustrated with demonstrations and examples;
• tutorials and/or labs and/or group discussions (including online forums) focused on projects and problem solving will provide practice in the application of principles and procedures, allow exploration of concepts with teaching staff and other students, and give feedback on your progress and understanding;
• assignments, as described in Overview of Assessment, requiring an integrated understanding of the subject matter; and
• private study, working through the course as presented in classes and learning materials, and gaining practice at solving conceptual and technical problems.

Overview of Learning Resources

You will make extensive use of computer laboratories and relevant software provided by the School. You will also examine and analyse program constructs and structures and their relevance to security.
You will be able to access course information and learning materials through myRMIT and may be provided with copies of additional materials in class or via email. Lists of relevant reference texts, resources in the library and freely accessible Internet sites will be provided.
Use the RMIT Bookshop textbook list search page to find any recommended textbook(s).

For extra support with study organisation, assignment planning or learning skills advice you may wish to contact any of the following:
Study and Learning Centre http://www.rmit.edu.au/studyandlearningcentre
CS&IT Teaching & Learning Advisors: For appointments go to http://inside.cs.rmit.edu.au/staffbooking/ & click on Jeanette Holkner or Cecily Walker.

Overview of Assessment

This course will use a combination of practical assignment work and formal written examination. The practical assignment work may relate to programming.

For standard assessment details, including deadlines, weightings, and hurdle requirements relating to Computer Science and IT courses see: http://www.rmit.edu.au/compsci/cgi