INFO23431
Introduction to Information Systems Security
Sheridan College Logo
 
  I: Administrative Information   II: Course Details   III: Topical Outline(s)  Printable Version
 
Section I: Administrative Information
  Total hours: 42.0
Credit Value: 3.0
Credit Value Notes: N/A
Effective: Fall 2019
Prerequisites: MATH10025
Corequisites: N/A
Equivalents: N/A

Pre/Co/Equiv Notes: N/A

Program(s): Hon Bach CompSci - Mobile Comp
Program Coordinator(s): Magdin Stoica
Course Leader or Contact: Richard Pyne, Alex Babanski
Version:
20190903_02
Status: Approved (APPR)

Section I Notes: N/A

 
 
Section II: Course Details

Detailed Description
Students are introduced to the field of information security, and are presented with a spectrum of information systems security activities, tools, and methodologies. Students learn about the foundation for understanding the key issues associated with protecting information assets, determining the levels of protection, and designing a consistent information security system with appropriate intrusion detection and reporting features. Students learn through interactive lectures and assignment exercises about basic cryptography, hacker techniques and motivation, risks to information security systems and security solutions. 

Program Context

 
Hon Bach CompSci - Mobile Comp Program Coordinator(s): Magdin Stoica
This required second year course provides the foundation for understanding the key issues associated with protecting information assets, threat assessment and risks to information systems.


Course Critical Performance and Learning Outcomes

  Critical Performance:
By the end of this course, students will have demonstrated the ability to apply information security methodologies to protect information assets and address common security threats and vulnerabilities.  
 
Learning Outcomes:

To achieve the critical performance, students will have demonstrated the ability to:

  1. Identify risks to information systems. 
  2. Analyze security properties of software systems. 
  3. Classify common web security vulnerabilities. 
  4. Define security solutions that address specific vulnerabilities in an information system. 
  5. Analyze the hardware, software and personnel components of an information security system. 
  6. Employ access control techniques to information systems. 
  7. Apply encryption techniques to protect sensitive information and validate data integrity. 

Evaluation Plan
Students demonstrate their learning in the following ways:

 Evaluation Plan: IN-CLASS
 Quizzes (4 @ 4% approx. weeks 4,7,10,12)16.0%
 Labs/Inclass Exercises (2 @ 7% approx. weeks 5,11)14.0%
 Assignments (2 @ 10% approx. weeks 6,13)20.0%
 Mid Term Exam (approx. week 8)25.0%
 Final Exam (approx. week 14)25.0%
Total100.0%

Evaluation Notes and Academic Missed Work Procedure:
To pass the course, students must achieve a 50% weighted average across the tests and the exams and at least 50% overall in the course. Students must submit/complete all assignments, in-class activities and projects by the scheduled due date and write all tests on the specified date/time. Exceptions will only be made under extraordinary circumstances. Refer to the School of Applied Computing's Academic Procedures for Evaluations for more details regarding missed work: Procedures for Evaluations

Provincial Context
The course meets the following Ministry of Training, Colleges and Universities requirements:

 

Prior Learning Assessment and Recognition
PLAR Contact (if course is PLAR-eligible) - Office of the Registrar

Students may apply to receive credit by demonstrating achievement of the course learning outcomes through previous relevant work/life experience, service, self-study and training on the job. This course is eligible for challenge through the following method(s):

  • Challenge Exam
    Notes:  
  • Portfolio
    Notes:  
  • Other
    Notes:  Challenge exam, portfolio, and project are required for PLA.

 
 
Section III: Topical Outline
Some details of this outline may change as a result of circumstances such as weather cancellations, College and student activities, and class timetabling.
Instruction Mode: In-Class
Professor: Multiple Professors
Resource(s):
 TypeDescription
RequiredOtherMaterials will be provided by the Professor.

Applicable student group(s): Honours Bachelor of Computer Science - Mobile Computing
Course Details:

Module 1: Fundamentals of Information Security.

  • Critical characteristics of information and information systems.
  • Approaches to information security implementation.
  • Methods of defense.
  • Threats to information assets.
  • Types of attacks on information assets.
  • Secure software development.

Module 2: Cryptology

  • Cipher methods and Cryptographic algorithms.
  • Cryptographic hash functions.
  • Steganography.
  • Cryptographic tools.
  • Public Key Cryptography.

Module 3: Web Application Security

  • Web Security Challenges.
  • OWASP Risk Rating Methodology.
  • Classification and Prioritization.
  • OWASP Top 10.
  • Browser Security.
  • Primary Defense Approaches.

Module 4: Network Security.

  • Internet Protocols and security issues.
  • Message Authentication Codes (MAC/HMAC).
  • Digital Signatures and Digital Certificates.
  • Network Attacks and Defense.
  • Protecting remote connections.

Module 5: Security Technology, OS and Application Security

  • Linux and Windows Security Model.
  • Mobile Device and Platform Security.
  • Access control.
  • Intrusion Detection and Prevention Systems.
  • Control Hijacking and Security Testing.

Note: The suggested number of weeks allocated to each module may vary depending on the professor's and/or class requirements. The topics within each module are grouped semantically and are not meant to suggest a time sequence. A course plan must be provided by the professor identifying the class-by-class arrangement of topics.

 


Sheridan Policies

All Sheridan policies can be viewed on the Sheridan policy website.

Academic Integrity: The principle of academic integrity requires that all work submitted for evaluation and course credit be the original, unassisted work of the student. Cheating or plagiarism including borrowing, copying, purchasing or collaborating on work, except for group projects arranged and approved by the professor, or otherwise submitting work that is not the student's own, violates this principle and will not be tolerated. Students who have any questions regarding whether or not specific circumstances involve a breach of academic integrity are advised to review the Academic Integrity Policy and procedure and/or discuss them with the professor.

Copyright: A majority of the course lectures and materials provided in class and posted in SLATE are protected by copyright. Use of these materials must comply with the Acceptable Use Policy, Use of Copyright Protected Work Policy and Student Code of Conduct. Students may use, copy and share these materials for learning and/or research purposes provided that the use complies with fair dealing or an exception in the Copyright Act. Permission from the rights holder would be necessary otherwise. Please note that it is prohibited to reproduce and/or post a work that is not your own on third-party commercial websites including but not limited to Course Hero or OneNote. It is also prohibited to reproduce and/or post a work that is not your own or your own work with the intent to assist others in cheating on third-party commercial websites including but not limited to Course Hero or OneNote.

Intellectual Property: Sheridan's Intellectual Property Policy generally applies such that students own their own work. Please be advised that students working with external research and/or industry collaborators may be asked to sign agreements that waive or modify their IP rights. Please refer to Sheridan's IP Policy and Procedure.

Respectful Behaviour: Sheridan is committed to provide a learning environment that supports academic achievement by respecting the dignity, self-esteem and fair treatment of every person engaged in the learning process. Behaviour which is inconsistent with this principle will not be tolerated. Details of Sheridan's policy on Harassment and Discrimination, Academic Integrity and other academic policies are available on the Sheridan policy website.

Accessible Learning: Accessible Learning coordinates academic accommodations for students with disabilities. For more information or to register, please see the Accessible Learning website (Statement added September 2016)

Course Outline Changes: The information contained in this Course Outline including but not limited to faculty and program information and course description is subject to change without notice. Any changes to course curriculum and/or assessment shall adhere to approved Sheridan protocol. Nothing in this Course Outline should be viewed as a representation, offer and/or warranty. Students are responsible for reading the Important Notice and Disclaimer which applies to Programs and Courses.


[ Printable Version ]

Copyright © Sheridan College. All rights reserved.