
COMP61421: Computer and Network Security (2012-2013)

This is an archived syllabus from 2012-2013

Computer and Network Security
Level: 6
Credit rating: 15
Pre-requisites: COMP61411: cryptography
Co-requisites: No Co-requisites
Lectures: 40 hours: Lectures and group work.
Course Leader: Ning Zhang
Additional Lecturers: Daniel Dresner
Timetable
Semester | Event | Location | Day | Time | Group
Sem 1 P2 | Lecture | 2.19 | Tue | 09:00 - 17:00 | -
Assessment Breakdown
Exam: 50%
Coursework: 50%
Lab: 0%

Themes to which this unit belongs
  • Security

Introduction

This course unit is jointly developed and delivered by Ning Zhang (from the School of Computer Science) and Daniel Dresner (a graduate of Manchester Business School who works with government, industry, and the third sector to secure information systems).

Aims

The course unit covers security technologies as well as the requirements of information system security throughout the system development process from the 'Acquisition' stage to the 'Disposal' stage.

Programme outcome | Unit learning outcomes | Assessment
A1 A2 B2 | Have a good understanding of how to define system security requirements and a good understanding of a variety of generic security threats and vulnerabilities, and be able to identify and analyse particular security problems for a given network, combination of networks, or application. | Case Study Report, Examination
B2 C3 G4 | Be able to prioritise requirements, and match requirements to solutions and countermeasures commensurate with associated risks. | Case Study Report, Examination
A1 | Have a good understanding of the correlation of business processes to technology in relation to security requirements; particularly in the balancing of information and computing technologies with the human vulnerabilities in computing and information systems. | Case Study Report, Examination
C3 | Be familiar with the relevant industry security standards and the regulation, and their application. | Examination, Case Study Report
A1 A2 | Appreciate the application of security techniques and technologies in solving real-life security problems in practical systems. | Case Study Report, Examination

Syllabus

The need for information assurance

Security Breaches;
Introduction to business continuity;
System Lifecycles;
Trust;
Human vulnerabilities in computer and network security.

Introduction to standards

Plan-do-check-act lifecycles;
Overview of information security management standards.

Information security management

Security Policy;
Security Organisation;
Asset Classification and Control;
Personnel Security;
Physical and Environmental Security;
Communications and Operations Management;
Access Control;
System Development and Maintenance;
Incident Management;
Business Continuity Management;
Compliance.

Risk management

Vulnerabilities

Windows;
Unix;
Open Source.

Technologies and countermeasures

Entity identification and authentication;
Access control in computer systems and in networks;
Communication security, Virtual Private Networks (VPNs) and Web security;
Wireless network security;
E-Commerce security.

Active security

Audits and reviews;
Vulnerability scanners;
Penetration testing;
Inspection;
Computer forensics;
With active industry speakers as part of the core lecture programme.

Other Sources

On-line support for this course is available via the Moodle Virtual Learning Environment (https://moodle.cs.man.ac.uk/login/index.php).

Reading List

The following material supports the course unit:
National Computing Centre Guideline 269, Managing Risk - a practical guide, July 2002.
National Computing Centre Guideline 319, Information Systems Continuity - IT governance on the frontline.
National Computing Centre Guideline 320, Desert Island Standards II, December 2008.
ISO/IEC 27002 (ISO/IEC 17799:2005) Code of practice for information security management.

Core Text
Title: Cryptography and network security: principles and practice (7th edition)
Author: Stallings, William
ISBN: 9781292158587
Publisher: Pearson
Edition: 7th
Year: 2017


Supplementary Text
Title: Building Internet firewalls (2nd edition)
Author: Zwicky, Elizabeth D. and Simon Cooper and D. Brent Chapman
ISBN: 1565928717
Publisher: O'Reilly
Edition: 2nd
Year: 2000
This is a highly respected book on the topic of Internet Firewalls.