Information Security Principles Fall 2010
Instructor: James R. Durie
Class Meets: August 30 – Dec 21, 2010
Time: 7:20PM to 10:00PM
Where: Prince William – Bull Run Hall 131
Studies security policies, models, and mechanisms for secrecy, integrity,
availability, and usage controls. Topics include models and mechanisms for mandatory,
discretionary, and role-based access controls; authentication technologies; control and
prevention of viruses and other rogue programs; common system vulnerabilities and
countermeasures; privacy and security policies and risk analysis; intellectual property
protections; and legal and social issues.
Computer security has evolved into a comprehensive discipline called
“information security.” The increased reliance on automated systems and the lack of
adequate security plans place privacy and organizational information at risk.
“Information security” has become a greater concern and effective security is critical to
an organization's success. This course will build upon the student’s knowledge of
technology-based controls by focusing on the management of threats to information. This
course is intended to develop a holistic approach to information security, thus preparing
the student to assume a leadership or managerial role in an organization.
At the conclusion of this course, the student will be able to identify information
assets; identify and prioritize threats to information assets; develop information security
strategies, policies and plans; respond to threats to information assets; and describe legal and
public relations implications of security and privacy issues.
Course overview: Introduction to the course.
Chapter 1 Trust in information Infrastructure
Chapter 8 Security Policies and Risk Analysis
Privacy and Security Policies.
Chapter 4 Security, Anonymity, and Privacy
Chapter 9 Security Policies Assessment and Assurance
Chapter 8 Security Policies and Risk Analysis
Chapter 10 Access control, Authentication and Authorization
Security Models and Mechanisms.
Research Paper Due
Mechanisms for Secrecy and Integrity.
Chapter 14 Biometrics for Access Control
Vulnerabilities and Threats.
Chapter 7 Security Threats and Vulnerabilities
Chapter 5 Software Reliability, Safety, and Risk
Week 10 (Prevention and Control)
Chapter 11 Perimeter Defense – The Firewall
Chapter 12 Intrusion Detection and Prevention
Chapter 2 Morality and Ethics
Chapter 3 Building an Ethical Framework for Decision Making
Domain 9, Chapter 25, 26 Recommended text
Digital Evidence and Crime
Chapter 15 Digital Evidence and Computer Crime
Chapter 16 Digital Crime, Investigations and Forensics
Ethics Paper Due
Trends in Information Security
Chapter 13 Security in Wireless Systems
Chapter 17 Trends
Week 15 (May 13)
Prerequisite: The prerequisite for this course is IT 212. A grade of C or better must be
achieved in the prerequisite before a student is qualified to take this course. The
prerequisite must be completed prior to, not concurrently with, this course.
This requirement will be strictly enforced. Any student who does not meet
the prerequisite requirement will be dropped by the Instructor at the start of the semester.
(b) Required Reading and Reference Material
Securing the Information Infrastructure (Hardcover)
By: Joseph Migga Kizza & Florence Migga
By: Neal Stephenson
Harper Collins Publisher
Not required but recommended:
Information Security Management Handbook, Sixth Edition, Volume 3
By: Harold F. Tipton (Editor), Micki Krause
(c) Student Evaluation Criteria
Research Paper/Project : 20%
Ethics Paper 15%
Current Events: 5%
The Instructor reserves the right to adjust the final grade for positive class
Research Paper/Project: The research paper is a “System Specific Security Plan”. It
should address all relevant aspects of information security for the proposed business in
the Cryptonomicon (assigned reading for IT 462). There is no minimum page count. You
must include relevant current events to illustrate requirements, and at least 10 references,
at least 5 of which must not be internet resources.
Ethics Paper: This paper is an analysis of the ethical issues raised in the novel
Cryptonomicon (assigned reading for IT 462). There is a 10-page minimum for this
paper. You must include relevant current events and at least 10 references, at least 5 of
which must not be internet resources.
Style – follow GMU’s Writing Center guidance http://writingcenter.gmu.edu/
For citing sources refer to http://library.duke.edu/research/citing/
You should use footnotes for citations, alternate views, definitions, etc.
Exams: The format of exams will be a combination of multiple choice, true/false, short
answer, and/or essay questions. Expect approximately 2–3 hours to complete the
examination. The Final Exam is cumulative.
The quizzes will be one hour long and a combination of multiple choice, true/false, and
Grades: Grades will be awarded according to George Mason University’s grading
system for undergraduate students.