module specification

This module is concerned with the fundamentals of security in key areas of computing in terms of understanding, controlling, and managing the various risks and threats to computer-based systems. In addition, the issues in development of the security software will be dealt with via software engineering approaches.

Assessment: Coursework 1 (40%) + Coursework 2 (60%) [Pass on aggregate].

The key skills and knowledge to be gained are:

1.Provide students with an understanding of fundamental computer security concepts and issues.

2.Introduce students to the various types of security threats and risks to computer systems and networks.

3.Develop students’ ability to identify, analyse and evaluate a range of computer security threats.

4.Enable students to develop and/or use appropriate tools, techniques, methods, approaches, and strategies to mitigate the various threats and provide practical, feasible and sustainable solutions.

5.Equip students with appropriate knowledge and skills necessary to protect the secrecy of confidential data and information.

6.Develop students’ knowledge, transferable skills and confidence in handling, managing and solving computer security issues leading to further academic progression and future employability in this area.

Successful completion of level 4 or equivalent

1.General Security Problems: attacks; computer criminals; computer security; methods of defence. (LO1, LO2, LO3, LO5)

2.Program Security: secure programs; viruses and malicious code; controls against program threats. (LO2, LO3, LO4, LO5)

3.Security in Operating Systems: user authentication; memory and address protection; file protections; control of access to   general objects; trusted operating systems. (LO1, LO2, LO3, LO4, LO5)

4.Database Security: security requirements; integrity and reliability; inference; multilevel security. (LO1, LO2, LO3, LO4, LO5)

5.Security in Networks:  threats in networks; firewalls intrusion detection; secure email; security control. (LO1, LO2, LO3, LO4, LO5)

6.Administering Security. (LO1, LO2, LO4)

7.The Economics of Cybersecurity. (LO1, LO2, LO4)

8.Legal, Privacy, and Ethical Issues and code of practice. (LO1, LO2, LO3, LO4, LO5)

9.Elementary Cryptography: Substitution Ciphers; Transposition Ciphers; Data Encryption Standard (DES); Public Key Encryption; Digital Signatures; Message Digests; Overview of Authentication. (LO1, LO2, LO3, LO4, LO5)

10.System Requirement and Modelling. (LO5)

11.Architectural Design, Module Design, and Implementation. (LO1, LO2, LO3, LO4, LO5, LO6)

12.Software Testing, Evaluation, and Deployment. (LO6)

13.Project Management Issues, Managing Design Process, and Evaluating Outcomes. (LO6)

14.Evaluation of Systems in Terms of Quality and Trade-Offs. (LO6)

Students will develop theoretical understanding and practical skills in the subject area based on weekly lectures, tutorials and supervised workshops.  The tutorials and workshops, in particular, are provided to support students in gaining practical experience in tackling a wide range of computer security related issues and problems.

Appropriate blended learning approaches and technologies, such as, the University’s VLE and online tools, will be used to facilitate and support student learning to:
•deliver content.
•encourage active learning.
•provide formative and summative assessments, and prompt feedback.
•enhance student engagement and learning experience.

Students will be expected and encouraged to produce reflective commentaries and an action plan for personal development on the learning activities and tasks that they carry out to complete their work, e.g. in the form of an assessed section of their coursework report/essay.

On completing the module, the students will be able to:

- LO1: Demonstrate a general understanding of key computer security concepts/issues, and describe a range of security threats that undermine the integrity, availability and confidentiality of computer systems and networks.

- LO2: Identify, analyse, evaluate, test and document various security threats and risks to computer systems and networks. 

- LO3: Use appropriate software tools, techniques, methods, strategies, and approaches to provide practical solutions and measures to prevent and mitigate security threats and risks to computer systems and networks.

- LO4: Describe computer security policies, audits, standards, code of practice, and critically evaluate and reflect on their learning, development, and achievements within the context of security in computing.

- LO5: Understand and apply security software development issues, including system requirement and modelling, architectural design, software design and implementation, software testing, and software deployment and evaluation.

- LO6: Demonstrate the knowledge of project management techniques to achieve objectives, evaluation of systems in terms of quality and trade-offs, and management of design process and evaluating outcomes.

The coursework assessments will involve developing practical solutions to a wide range of computer security problems and issues using appropriate methods, techniques, and tools (LO1-LO6).  Students will produce a report detailing their work based on some case study, scenario, or investigation.

Students will be encouraged to complete weekly tutorial and workshop exercises as well as periodic formative diagnostic tests to enhance their learning. During tutorial and workshop sessions students will receive ongoing support and feedback on their work to promote engagement and provide the basis for tackling the summative assessments.

https://londonmet.rl.talis.com/modules/cc5004