Course details 2009/10

IS484 Aspects of Information Risk and Security

Not available in 2009/10

Course title

Aspects of Information Risk and Security 

Course code

IS484

Half/full unit

Half

Teacher(s) responsible

Dr J Backhouse, Room tbc

Availability and restrictions

This course is optional for the MSc in the Analysis, Design and Management of Information Systems.

It is a half-unit version of IS476 Information Risk and Security and cannot be taken with the latter course.

Core syllabus

The study of IS security from a social perspective, analysing the role of technical, formal and informal elements in the security of systems.

Course content

  • Social approaches to IS security
  • Using social theory to study IS security
  • Security policy and security management
  • Risk management: methods and limitations
  • Evaluation of security technology
  • Trusted platforms
  • Interoperability in secure e-commerce
  • Certification and accreditation
  • The limits of law for IS security
  • Regulation and compliance as security issues

Teaching arrangements

  • Lectures: 10 x 2 hours, Lent term
  • Classes: 9 x 1 hour, Lent term
  • Seminars: 9 x 2 hour security colloquia, Lent term

Formative Work

Students discuss articles and small case studies, and present policy perspectives in the classes. The colloquia provide an opportunity for discussion, debate and feedback.

Reading list

  • C Adams and S Lloyd, Understanding Public Key Infrastructure: concepts, standards, and deployment considerations, Macmillan Technical Publishing, 1999
  • R Anderson, Security Engineering: a guide to building dependable distributed systems, John Wiley, 2001
  • J R Beniger, The Control Revolution: technological and economic origins of the information society, Harvard University Press, 1986
  • W Cheswick, S Bellovin and A Rubin, Firewalls and Internet Security: repelling the wily hacker, Addison Wesley, 1994
  • G Dhillon, Principles of Information Systems Security: text and cases, J Wiley & Sons, 2007
  • S Garfinkel, Database Nation: the death of privacy, O'Reilly Associates, 2000
  • A Jones and D Ashenden, Risk Management for Computer Security: protecting your network and information assets, Butterworth-Heinemann, 2005
  • K D Mitnick and W L Simon, The Art of Deception: controlling the human element of security, John Wiley & Sons, 2003
  • F C Piper and S Murphy, Cryptography: a very short introduction, Oxford Paperbacks, 2002
  • T Ridge and H Schmidt, Patrolling Cyberspace: lessons learned from a lifetime in data security, Larstan Publishing, 2006
  • B Schneier, Beyond Fear: thinking sensibly about security in an uncertain world, Springer Verlag, 2003
  • B Schneier, Secrets and Lies: digital security in a networked world, John Wiley & Sons Inc, 2004
  • W Stallings, Network Security Essentials, Prentice Hall, 2000

Methods of assessment

A three-hour examination in the Summer term.

page last updated 28 August, 2009
