1. Home
  2. Information Security [CSI2102]

Faculty of Health, Engineering and Science

School: Computer and Security Science

This unit information may be updated and amended immediately prior to semester. To ensure you have the correct outline, please check it again at the beginning of semester.

  • Unit Title

    Information Security

  • Unit Code

    CSI2102

  • Year

    2015

  • Enrolment Period

    1

  • Version

    1

  • Credit Points

    15

  • Full Year Unit

     N

  • Mode of Delivery

    On Campus
    Online

Description

This unit covers the basic principles and techniques used to protect information. The areas covered are: defining, identifying and classifying information as a resource, access control, information risk analysis, contingency planning, information technology systems, threats to information systems security, data security legislation, database systems and associated security, procedures for secure information flow, classification systems, document and record storage, case studies of information technology systems and abuse including fraud, industrial espionage, confidentiality and privacy breaches, data protection and copyright, and ethical issues associated with information security.

Equivalent Rule

Unit was previously coded CSI4104, CSI5133

Learning Outcomes

On completion of this unit students should be able to:

  1. Demonstrate an understanding of the advantages, disadvantages, threats and vulnerabilities associated with various IT environments.
  2. Describe and apply classification systems for information.
  3. Describe and apply concepts, principles and techniques relating to the security of information.
  4. Describe the components of cyberspace and outline the security issues associated it.
  5. Describe the role of risk analysis and contingency planning in information security.
  6. Identify the importance of information to organisations and society in general.
  7. Outline the ethical and legal issues associated with information security and analyse their implications.
  8. Use the Internet to locate information security services.

Unit Content

  1. Case studies covering fraud, software copyright, privacy and denial of service.
  2. Data and information as a resource including classification, access and transmission controls. A working definition of data, information, and knowledge.
  3. Data protection and privacy, copyright, ownership principles, ethical and legal aspects. Data Protection Acts in Australia, UK, US, and Europe.
  4. Document security, physical protection, archive, retrieval, and classification systems.
  5. Information management. Access, identification, authorisation controls. Ensuring availability, accuracy, and confidentiality of information.
  6. Logical protection of systems
  7. Monitoring security of information and information flow. Security intelligence systems.
  8. Risk analysis, risk assessment and contingency planning for information security. Risk management. Impact and probability of threat.
  9. The differences and similarities between computer and information security.
  10. The use of the Internet and information sources in information security.
  11. Use of the Internet as an information resource. Examination of security issues in cyberspace. Management of incidents: detection, identification of intruder, response, reporting, and change process.

Additional Learning Experience Information

Lectures, workshops, use of the Internet.

Assessment

GS1 GRADING SCHEMA 1 Used for standard coursework units

Students please note: The marks and grades received by students on assessments may be subject to further moderation. All marks and grades are to be considered provisional until endorsed by the relevant Board of Examiners.

ON CAMPUS
TypeDescriptionValue
AssignmentConcept mapping for information security20%
AssignmentInformation classification schema30%
Examination ^End of semester examination50%
ONLINE
TypeDescriptionValue
AssignmentConcept mapping for information security20%
AssignmentInformation classification schema30%
Examination ^End of semester examination50%

^ Mandatory to Pass

Text References

  • ^ Whitman, M.E., Mattord, H.J. (2012). Principles of information security (4th ed.). Boston: Thomson Educational.
  • Erbschloe, M. & Vacca, J.R. (2001). Information warfare. New York: McGraw-Hill.
  • Boni, W., Kovacich, G.L. (2000). Netspionage: the global threat to information. Boston MA: Butterworth Heinemann.
  • Schneier, B. (2000). Secrets and lies: digital security in a networked world. New York: John Wiley and Sons.
  • Hutchinson, W. & Warren, M. (2001). Information warfare: corporate attack and defence in the digital age. Oxford: Butterworth-Heinemann.

Journal References

  • Computer Security Journal
  • Computers and Security
  • Computer Fraud and Security Bulletin
  • Security Surveyor
  • Security Gazette
  • Security Australia
  • Journal of Information Warfare
  • Security Management
  • Security

^ Mandatory reference

Disability Standards for Education (Commonwealth 2005)

For the purposes of considering a request for Reasonable Adjustments under the Disability Standards for Education (Commonwealth 2005), inherent requirements for this subject are articulated in the Unit Description, Learning Outcomes and Assessment Requirements of this entry. The University is dedicated to provide support to those with special requirements. Further details on the support for students with disabilities or medical conditions can be found at the Access and Inclusion website.

Academic Misconduct

Edith Cowan University has firm rules governing academic misconduct and there are substantial penalties that can be applied to students who are found in breach of these rules. Academic misconduct includes, but is not limited to:

  • plagiarism;
  • unauthorised collaboration;
  • cheating in examinations;
  • theft of other students' work;

Additionally, any material submitted for assessment purposes must be work that has not been submitted previously, by any person, for any other unit at ECU or elsewhere.

The ECU rules and policies governing all academic activities, including misconduct, can be accessed through the ECU website.

CSI2102|1|1

Faculty of Health, Engineering and Science

School: Computer and Security Science

This unit information may be updated and amended immediately prior to semester. To ensure you have the correct outline, please check it again at the beginning of semester.

  • Unit Title

    Information Security

  • Unit Code

    CSI2102

  • Year

    2015

  • Enrolment Period

    2

  • Version

    1

  • Credit Points

    15

  • Full Year Unit

     N

  • Mode of Delivery

    On Campus
    Online

Description

This unit covers the basic principles and techniques used to protect information. The areas covered are: defining, identifying and classifying information as a resource, access control, information risk analysis, contingency planning, information technology systems, threats to information systems security, data security legislation, database systems and associated security, procedures for secure information flow, classification systems, document and record storage, case studies of information technology systems and abuse including fraud, industrial espionage, confidentiality and privacy breaches, data protection and copyright, and ethical issues associated with information security.

Equivalent Rule

Unit was previously coded CSI4104, CSI5133

Learning Outcomes

On completion of this unit students should be able to:

  1. Demonstrate an understanding of the advantages, disadvantages, threats and vulnerabilities associated with various IT environments.
  2. Describe and apply classification systems for information.
  3. Describe and apply concepts, principles and techniques relating to the security of information.
  4. Describe the components of cyberspace and outline the security issues associated it.
  5. Describe the role of risk analysis and contingency planning in information security.
  6. Identify the importance of information to organisations and society in general.
  7. Outline the ethical and legal issues associated with information security and analyse their implications.
  8. Use the Internet to locate information security services.

Unit Content

  1. Case studies covering fraud, software copyright, privacy and denial of service.
  2. Data and information as a resource including classification, access and transmission controls. A working definition of data, information, and knowledge.
  3. Data protection and privacy, copyright, ownership principles, ethical and legal aspects. Data Protection Acts in Australia, UK, US, and Europe.
  4. Document security, physical protection, archive, retrieval, and classification systems.
  5. Information management. Access, identification, authorisation controls. Ensuring availability, accuracy, and confidentiality of information.
  6. Logical protection of systems
  7. Monitoring security of information and information flow. Security intelligence systems.
  8. Risk analysis, risk assessment and contingency planning for information security. Risk management. Impact and probability of threat.
  9. The differences and similarities between computer and information security.
  10. The use of the Internet and information sources in information security.
  11. Use of the Internet as an information resource. Examination of security issues in cyberspace. Management of incidents: detection, identification of intruder, response, reporting, and change process.

Additional Learning Experience Information

Lectures, workshops, use of the Internet.

Assessment

GS1 GRADING SCHEMA 1 Used for standard coursework units

Students please note: The marks and grades received by students on assessments may be subject to further moderation. All marks and grades are to be considered provisional until endorsed by the relevant Board of Examiners.

ON CAMPUS
TypeDescriptionValue
AssignmentConcept mapping for information security20%
AssignmentInformation classification schema30%
Examination ^End of semester examination50%
ONLINE
TypeDescriptionValue
AssignmentConcept mapping for information security20%
AssignmentInformation classification schema30%
Examination ^End of semester examination50%

^ Mandatory to Pass

Text References

  • ^ Whitman, M.E., Mattord, H.J. (2012). Principles of information security (4th ed.). Boston: Thomson Educational.
  • Erbschloe, M. & Vacca, J.R. (2001). Information warfare. New York: McGraw-Hill.
  • Boni, W., Kovacich, G.L. (2000). Netspionage: the global threat to information. Boston MA: Butterworth Heinemann.
  • Schneier, B. (2000). Secrets and lies: digital security in a networked world. New York: John Wiley and Sons.
  • Hutchinson, W. & Warren, M. (2001). Information warfare: corporate attack and defence in the digital age. Oxford: Butterworth-Heinemann.

Journal References

  • Computer Security Journal
  • Computers and Security
  • Computer Fraud and Security Bulletin
  • Security Surveyor
  • Security Gazette
  • Security Australia
  • Journal of Information Warfare
  • Security Management
  • Security

^ Mandatory reference

Disability Standards for Education (Commonwealth 2005)

For the purposes of considering a request for Reasonable Adjustments under the Disability Standards for Education (Commonwealth 2005), inherent requirements for this subject are articulated in the Unit Description, Learning Outcomes and Assessment Requirements of this entry. The University is dedicated to provide support to those with special requirements. Further details on the support for students with disabilities or medical conditions can be found at the Access and Inclusion website.

Academic Misconduct

Edith Cowan University has firm rules governing academic misconduct and there are substantial penalties that can be applied to students who are found in breach of these rules. Academic misconduct includes, but is not limited to:

  • plagiarism;
  • unauthorised collaboration;
  • cheating in examinations;
  • theft of other students' work;

Additionally, any material submitted for assessment purposes must be work that has not been submitted previously, by any person, for any other unit at ECU or elsewhere.

The ECU rules and policies governing all academic activities, including misconduct, can be accessed through the ECU website.

CSI2102|1|2