Faculty Contact Information:
|
Before and after class and per e-mail: M.Hayes@gmx.de
|
|
Consultation:
|
Before and after class per appointment and per e-mail: M.Hayes@gmx.de
|
|
Required Texts and Readings:
|
Pfleeger, C. P. and S. L. (2007), Security in Computing. (4th ed.). Upper Saddle River, NJ: Prentice-Hall. ISBN: 9780132390774.
|
|
Supplementary Readings:
|
The standard for papers in the graduate program is the APA style. All participants in this course and all graduate INSS, MGMT, PUAD, and ECON courses should have a copy of the style guide:
American Psychological Association. (2001). Publication Manual of the American Psychological Association, 5th Edition. Washington DC: Author. All graduate students should be prepared to utilize the UMUC online library at http://www.ed.umuc.edu/library/. The library contains a large number of full text academic journals that are free of charge and immediately available. The library homepage also contains a number of links related to improving students' research and writing skills.
|
|
Recommended Journals:
|
Publications of the various professional societies (such as ACM -- the Association for Computing Machinery, the IEEE Computing Society, and the various management professional societies) are strongly recommended. In addition, there are many trade journals (such as eWEEK) that MIS professionals should become familiar with, many of these being published both weekly and on-line.
|
|
Course Description:
|
3 semester hours credit. (Formerly INSS 635.) Prerequisites: Either INSS 510, INSS 520, INSS 530, INSS 620, INSS 630, or permission of the Program Director. Explores security policies, models, and mechanics for secrecy, integrity, and availability. Topics include operating systems models and mechanisms for mandatory and discretionary controls; data models, concepts, and mechanisms for database security; basic cryptography and its applications; security in computer networks and distributed systems; as well as control and prevention of viruses and other malicious programs.
|
|
Course Goals:
Upon completion of the course, participants should:
1. Understand the threats, vulnerabilities and risks with an information system infrastructure
2. Understand the security issues in network systems
3. Have a basic understanding of cryptography
4. Be familiar with cryptographic technologies including symmetric key cryptosystem and asymmetric key cryptosystem
5. Have a basic understanding of firewalls, routers and protocols in communication systems
6. Be familiar with Risk Management practices
7. Be able to distinguish between business continuity and disaster recovery
8. Develop an understanding of laws and ethics regarding information systems security
|
|
Course Objectives:
|
At the conclusion of this course the student will be able to:
1. Identify the resources of an information system that must be protected
2. Distinguish information security from operations and physical security
3. List potential security threats, vulnerabilities and risks of information systems, particularly on the network
4. Define and discuss the role of cryptography
5. Evaluate various data encryption methods
6. Identify various control mechanisms used to prevent, detect and correct error in an information system
7. Define the responsibilities of Security Administrators
8. Be able to develop a disaster recovery plan for an information system
9. Develop standards, guidelines and procedures to implement security policy in an information system
|
|
Grading Information:
According to the Graduate School's grading policy, the following symbols are used:
A (90-100) = excellent
B (80-89) = good
C (70-79) = passing
F (69 or below) = failure
The grade of "B" represents the benchmark for the Graduate School. It indicates that the student has demonstrated competency in the subject matter of the course, e.g., has fulfilled all course requirements on time, has a clear grasp of the full range of course materials and concepts, and is able to present and apply these materials and concepts in clear, well-reasoned, well-organized, and grammatically correct responses, whether written or oral.
Only students who fully meet this standard and, in addition, demonstrate exceptional comprehension and application of the course subject matter earn a grade of "A."
Students who do not meet the benchmark standard of competency fall within the "C" range or lower. They, in effect, have not met graduate level standards. Where this failure is substantial, they can earn an "F."
|
|
Course Requirements:
Students are to concentrate on two deliverables: an in-class final exam and a 10 page paper in proper APA style with accompanying presentation to the class.
The paper is to be a specific, detailed account of some topic in information assurance related either to a technological issue or to an issue on policy, privacy, confidentiality or intellectual property.
Final Exam: 50%
Individual Paper: 45% (35% written paper; 10% oral presentation)
Class Discussion: 5%
|
|
Description of Course Requirements:
Successful graduate students in American universities dedicate approximately three hours of preparation/study time for every hour spent in the face-to-face classroom. Thus, the following course requirements were developed on the assumption that students would be prepared to spend approximately 150 hours of their own time working on them. In an 8-week term, that is the equivalent of a half-time job. Most 14-week graduate distance education courses require at least 10 hours per week of dedicated time, plus time spent in the virtual classroom.
STATEMENT ON WRITING REQUIREMENTS:
Effective managers and leaders are also effective communicators. Written communication is an important element of the total communication process. The Graduate School recognizes and expects exemplary writing to be the norm for course work. To this end, all analyses and papers must demonstrate graduate level writing ability and comply with the format requirements of the Publications Manual of the American Psychological Association. All writing assignments will be graded on the basis of content, logic, analysis, mechanics, organization, and research. Careful attention should be given to source citations, proper listing of references, the use of footnotes, and the presentation of tables and graphs. Work submitted online should follow standard procedures for formatting and citation.
POLICY ON ACADEMIC INTEGRITY:
Academic integrity is central to the learning and teaching process. Students are expected to conduct themselves in a manner that will contribute to the maintenance of academic integrity by making all reasonable efforts to prevent the occurrence of academic dishonesty. Academic dishonesty includes (but is not limited to) obtaining or giving aid on an examination, having unauthorized prior knowledge of an examination, doing work for another student, and plagiarism of all types.
PLAGIARISM:
Plagiarism is the intentional or unintentional presentation of another person's idea or product as one's own. Plagiarism includes, but is not limited to the following: copying verbatim all or part of another's written work; using phrases, charts, figures, illustrations, or mathematical or scientific solutions without citing the source; paraphrasing ideas, conclusions, or research without citing the source; and using all or part of a literary plot, poem, film, musical score, or other artistic product without attributing the work to its creator. Students can avoid unintentional plagiarism by following carefully accepted scholarly practices. Notes taken for papers and research projects should accurately record sources of material to be cited, quoted, paraphrased, or summarized, and papers should acknowledge these sources in footnotes. The penalties for plagiarism include a zero or a grade of F on the work in question, a grade of F in the course, suspension with a file letter, suspension with a transcript notation, or expulsion. Resubmission of course work from previous classes (whether or not taken at UMUC, UMUC-Europe or BSU), partially or in its entirety, is not acceptable in this course and will result in an automatic failure on the assignment.
DISABLED STUDENTS:
Students with disabilities who need to register or request services should contact the Staff Support Team four to six weeks in advance of registration to request and register for services.
COURSE EVALUATIONS:
Feedback on each graduate course and instructor is important to the university, your professor, and to all UMUC students. UMUC has the responsibility to assess the effectiveness of classroom instruction, and each student has the responsibility to provide accurate and timely feedback through completion of the course evaluation form. This is a shared obligation for us all. It is therefore important that you complete the evaluation form for each course you attend. This should be viewed as an additional course and program requirement.
|
|
Course Schedule:
7-8 June at Kaiserslautern-Kapaun:
- Chapter 1: Is There a Security Problem in Computing
- Chapter 2: Elementary Cryptography
- Chapter 3: Program Security
- Chapter 4: Protection in General-Purpose Operating Systems
9-15 June Web Tycho
- Chapter 5: Designing Trusted Operating Systems
16-22 June Web Tycho
- Chapter 6: Database and Data Mining Security
23-29 June Web Tycho
- Chapter 8: Administering Security
30 June-6 July Web Tycho
- Chapter 10: Privacy in Computing
7-11 July Web Tycho
- Chapter 9: The Economics of Cybersecurity
12-13 July at Kaiserslautern-Kapaun
- Chapter 7: Security in Networks
- Chapter 11: Legal and Ethical Issues in Computer Science
- Oral Presentation of Papers
- Final Examination
|
|
Academic Policies:
|
The University has a license agreement with Turnitin.com, a service that helps prevent plagiarism from internet resources. I may be using this service in this class by either requiring students to submit their papers electronically to Turnitin.com or by submitting questionable text on behalf of a student. If you or I submit part or all of your paper, it will be stored by Turnitin.com in their database throughout the term of the University's contract with Turnitin.com. If you object to this temporary storage of your paper, you must let me know no later than two weeks after the start of this class. Please Note: If you object to the storage of your paper on Turnitin.com, I may utilize other services to check your work for plagiarism
The official university policy on Plagiarism and Academic Dishonesty can be found at http://www.umuc.edu/policy/aa15025.shtml. Section I.C. states: "Faculty may determine if the resubmission of course work from previous classes (whether or not taken at UMUC), partially or in its entirety, is acceptable when assigning a grade on that piece of course work. Faculty must provide this information in their written syllabi. If the resubmission of course work is deemed to be unacceptable, a charge may not be brought under this Policy and will be handled as indicated in the written syllabi."
Please refer to Description of Course Requirements for specific information on how resubmissions will be treated in this course.
Students with disabilities should contact the appropriate support office at UMUC-Europe.
Jan Keller, Director of Student Services
UMUC-Europe, Heidelberg
Phone: +49-6221-378299
Email: edstudent_svc@ed.umuc.edu
Mailing Address: Unit 29216, APO AE 09102 OR Im Bosseldorn 30, D-69126 Heidelberg, Germany
Please refer to the UMUC-Europe Graduate Catalog for information on the following:
Academic Integrity
Course Load
Exception to Policy
Grade Appeal Process
Make-up Examinations
Nondiscrimination
Code of Civility
Hard copies of the catalog are available at your local Education Center.
|
|
Faculty Bio:
1965-69 BA in Philosophy, Northwestern
1969-71 MA in Philosophy, Penn State
1972-75 1st Lt., 10th Marine Regiment, USMC
1975-76 Master of Intl Management, Thunderbird
1976-93 Bank of America, Frankfurt. Bank operations, office automation, EB, treasury management software support
1993-99 Citibank, Frankfurt, Vice President. Database application development: customer billing application, customer database, customer implementations database, fax processing application
2000-06 Dresdner Bank, Frankfurt. Project management and organization, SAP Reporting
-------------------------------------------------------------------
1983-XX University of Maryland, Adjunct Associate Professor. Numerous computing courses, upper level and graduate, face to face and DE. Faculty Peer for IFSM courses.
1999 Microsoft Certified Systems Engineer (MCSE): Windows NT
2001 Microsoft Certified Professional: Windows 2000 Professional and Windows 2000 Server
|
|