Core Syllabus :

Information security approached from the social sciences. The principles and underlying concepts for the setting of policy and for the management of corporate information security.

Course Content

• cmpe471-1.ppt
•  The orthodox security principles: confidentiality, integrity, availability.
•  Principles of information systems analysis for security; concept of analysis; basic features of information systems, semiotic model.
•  Principles of policy for security.
•  Principles of risk and contingency.
•  Principles of communication and security issues; theory of communication; pragmatics of security from speech act theory.
•  Risk analysis and risk management.
•  Nature of responsibility and policy in the management of security.
•  Security evaluation, certification and accreditation.
•  Role of cryptography in secure systems.
•  Secure payments, SET
•  Digital certificates, trusted third parties
•  Dynamics of existing products
•  Case studies

Teaching Arrangements

Lent term
Lectures

Grading:

Text: Most course material will be distributed in the class or can be found at the library and/or on the web. Lectures are prepared from various sources.

Reading List

• J R Beniger, The Control Revolution, Technological and Economic Origins of the Information Society, Harvard University Press, 1986
• W Caelli et al, Information Security Handbook, Macmillan, 1994
• W Cheswick & S Bellovin, Firewalls and Internet Security, Addison Wesley Professional Computing Series, 1994
• S. Gafinkel, Database Nation: the death of privacy, O'Reilly Associates 2000
• J Liebenau & J Backhouse, Understanding Information: an Introduction, Macmillan, 1990
• I J Lloyd, Information Technology Law, Butterworths, 1993
• C Pfleeger, Security in Computing, Prentice Hall, 1989
• G Robb, White Collar Crime in Modern England, Cambridge, 1992
• D. Russell and G.T. Gangemi, Computer Security Basics, O' Reilly and Associates, 1991
• W. Stallings, Network Security Essentials, Prentice Hall 2000