Search
MyUMUC
WebTycho| INSS 635 -- Information Systems Security | IFSM 430 -- Information Systems and Security | |
| Bowie State University, Graduate Programs,
M.S. in Management Information Systems |
University of Maryland University College |
| Education Center, Geilenkirchen | 28 October to 20 December, 2002 |
| 2002-2003/Term 2 | Mondays & Wednesdays |
| Instructor: Grant Wiswell | 18:30 to 21:30 |
| Description | Objectives | Text | Grading | Office Hours | Schedule |
Credit
3 semester hours of credit.
INSS 635 Prerequisites: Either INSS 510, INSS 520, INSS 530, or permission of the instructor.
IFSM 430 Prerequisites: IFSM 300 or equivalent.
Course Description
This course surveys the challenges of security in computerized and networked information systems. These challenges are managerial and administrative as well as technical. Computer-based information systems play an essential role in the operations of enterprises and government organizations as well as in the lives of individuals. Protection of these systems is a necessary part of protecting institutions and people.
The course will consider various aspects of security in information systems. Students will have the opportunity to research real-world cases and to engage in classroom debates about current information security issues.
Objectives
Students who successfully complete this course should better understand:- management responsibilities and information system security practices
- controlling access to a system
- the complex problems of security in telecommunications and networks
- cryptography as a tool of information security
- building security into the fundamental architecture of hardware and systems software
- how to protect a facility's computer operations, including its data media and personnel
- developing applications with security designed into them
- ensuring business continuity with disaster and recovery plans
- the role of ethics and the law in issues of information systems security
- physical security of system sites
Text
Krutz, R. L., and Vines, R. D. (2001).The CISSP Prep Guide: Mastering the Ten Domains of Computer Security.
New York: John Wiley & Sons.
ISBN 0-471-41356-9
Course Evaluation
| Grades for INSS 635 will be based on: | Computation of Final Grades for INSS 635 | ||||
|---|---|---|---|---|---|
| Individual Homework Assignments | 15% | A | 90 to 100 | ||
| Individual Term Paper & Presentation | 20 | B | 80 to 90 | ||
| Group Project & Presentation | 20 | C | 70 to 80 | ||
| Midterm Examination | 20 | F | below 70 | ||
| Final Examination | 25 | ||||
| Grades for IFSM 430 will be based on: | Computation of Final Grades for IFSM 430 | ||||
|---|---|---|---|---|---|
| Individual Homework Assignments | 15% | A | 90 to 100 | ||
| Individual Term Paper & Presentation | 20 | B | 80 to 90 | ||
| Group Project & Presentation | 20 | C | 70 to 80 | ||
| Midterm Examination | 20 | D | 60 to 70 | ||
| Final Examination | 25 | F | below 60 | ||
Office Hours and Communication
Students may request individual discussions before or after class, or by appointment. I will usually be on base during Monday and Wednesday afternoons. Messages may be left for me in the University of Maryland field office, or by e-mail:
gwiswell@faculty.ed.umuc.edu
I also keep a web site going during the term, where information and copies of assignments can be posted:
http://faculty.ed.umuc.edu/~gwiswell/
Projects
There will be research assignments and projects for both INSS 635 and IFSM 430 students.
A possible group project task would be to put together a security and/or recovery plan for an organization or enterprise.
As an example of a current and relevant research topic, the draft of "The National Strategy to Secure Cyberspace" was released for public comment by the President's Critical Infrastructure Protection Board on 18 September 2002.
More detailed plans for these assignments will be developed during our first week of class.
Course Standards
Exams will cover both text and lectures. They will consist mostly of short answer essay questions.
INSS 635 students will prepare and present selected topics to the class, either as individuals or in groups. For the INSS 635 students, the exams will include an essay question of the type found in the MIS Graduate program comprehensive exams.
Class attendance is expected. Students are responsible for all material covered during lectures and discussions, as well as assigned textbook readings. Class participation is encouraged, especially when discussing issues where there are differing sources of information and points of view. In order to have lively and effective class discussions, students should read the assigned material and think about it before class.
Students will be graded primarily on their written work. Good presentation skills are also important,
however, and will help contribute to the grade.
Written assignments:
Black ink on white A4 or 8.5x11 paper, in a standard typewriter face such as Courier, or 11- or 12-point Times New Roman. Line spacing double-spaced or 1.5.
No color or graphics, except for (1) charts or maps generated by the student to convey substantive information; or (2) as an artifact of the subject being studied, in support of a point discovered or being argued by the student.
Where there has been research, be sure to acknowledge your sources, using the APA style.
See -- www.umuc.edu/library/guides/apa.html
Policies
On such matters as exceptional grades, academic dishonesty and attendance, the policies of the current Graduate Catalog of the University of Maryland in Europe will apply to this course.
Instructor
Mr. Wiswell received a BA in History from Stanford University, and more recently, an MA in History from the University of London. He worked for over twenty-five years in the computer industry as programmer, systems analyst, data base consultant and project manager. While developing systems for a major bank, he integrated design of security and audit controls with the design of the systems. He has had experience in military communications and cryptography.
Tentative Course Schedule
| Class Session |
Topics and Activities | Chapters to Read |
|---|---|---|
| 1 | Course and Class Introductions
Security Management Practices |
1 |
| 2 | Access Control Systems | 2 |
| 3 | Telecommunications Network Security | 3 |
| 4 | Telecommunications Network Security (continued) | 3 |
| 5 | Cryptography | 4 |
| 6 | Security Architecture & Models | 5 |
| 7 | Group Project Presentations and Discussions
Review |
|
| 8 | Midterm Exam, 20 November | |
| 9 | Operations Security | 6 |
| 10 | Applications and Systems Development | 7 |
| 11 | Continuity Planning and Disaster Recovery | 8 |
| 12 | Law, Investigation, Ethics | 9 |
| 13 | Physical Security | 10 |
| 14 | Research & Project Presentations and Discussions | |
| 15 | Research & Project Presentations and Discussions
Course Review |
|
| 16 | Final Exam, 18 December |
| Top | Description | Objectives | Text | Office Hours | Grading |