Skip to main content

Information and Network Security

Overview

  • Credit value: 15 credits at Level 7
  • Module convenor and tutor: Igor Razgon
  • Assessment: a two-hour written examination (80%) and practical coursework (20%)

Module description

The main aim of this module is to provide broad coverage of the field of information security. The module covers the technical as well as the management side of security in information systems. Despite being an essential part of security, technical methods such as cryptography are not enough to guarantee a high level of security. They have to be embedded into a wider context in order to make them more effective. Users of technology have to understand the underlying principles and follow certain policies to avoid security breaches. This module introduces the fundamental approaches to security engineering and includes a detailed look at some important applications.

indicative module Syllabus

  • Overview of Information Security
  • Access Control Matrix Model
  • Security Policies
  • Social Engineering
  • Basic Cryptography
  • Identity Management
  • Access Control Mechanisms
  • Confinement
  • Assurance and Trust
  • Network Intruders and Intrusion Detection
  • Firewalls and Malicious Software
  • Cryptographic Protocol Concepts
  • Authentication
  • Key Exchange
  • Economics of Information Security

    Learning objectives

    By the end of this module, you will be able to:

    • understand facts, concepts and principles of information security, such as security policies and cryptographic protocols
    • understand basic principles of cryptography, highlighting strengths and weaknesses of (historical) and current cryptosystems
    • understand basic concepts of risk management in the context of information security
    • discuss and explain the extent of security-related policies
    • explain examples of Network Security Applications
    • understand the basic issues surrounding the economics of information security
    • see how cryptography fits into the wider context of information security
    • critically analyse and evaluate arguments and evidence
    • analyse, evaluate and select between different security policies
    • understand the difficulty in detecting intruders.