1. Home
  2. Database Security [CSI3302]

Faculty of Health, Engineering and Science

School: Computer and Security Science

This unit information may be updated and amended immediately prior to semester. To ensure you have the correct outline, please check it again at the beginning of semester.

  • Unit Title

    Database Security

  • Unit Code

    CSI3302

  • Year

    2015

  • Enrolment Period

    1

  • Version

    1

  • Credit Points

    15

  • Full Year Unit

     N

  • Mode of Delivery

    On Campus
    Online

Description

This unit examines database information systems and the tools and techniques employed to make these resources as secure as possible. The unit examines database architectures and vulnerabilities, with a focus on network connected, centralised database systems. Security measures are examined from the point of view of both computing systems and organisational procedures, with an emphasis on web applications, e-commerce, auditing, roles and responsibilities and disaster recovery. The unit has a significant practical element allowing students to develop security policies and procedures and implement them using commercial database tools.

Prerequisite Rule

Students must pass 1 unit from CSI2102

Equivalent Rule

Unit was previously coded CSI4206, CSI5207

Learning Outcomes

On completion of this unit students should be able to:

  1. Analyse security issues and solutions in database administration and management.
  2. Create strategies for data backup and disaster recovery.
  3. Explain database architectures and their associated security requirements.
  4. Explain security requirements for World Wide Web linked database applications.
  5. Outline and apply database security model, security plans and policies.

Unit Content

  1. Application of security procedures by database design and security prototyping.
  2. Auditing and event management.
  3. Database access controls.
  4. Database architectures and related security.
  5. Database backup and recovery procedures.
  6. Database management and security.
  7. Database security and the Internet.
  8. Database security models.
  9. Database security policies and plans.
  10. Risks and security issues in database administration.

Additional Learning Experience Information

Lectures, workshops and practical laboratory exercises.

Assessment

GS1 GRADING SCHEMA 1 Used for standard coursework units

Students please note: The marks and grades received by students on assessments may be subject to further moderation. All marks and grades are to be considered provisional until endorsed by the relevant Board of Examiners.

ON CAMPUS
TypeDescriptionValue
AssignmentWorkshop Materials and Report30%
ReportDatabase Security Report20%
ExaminationEnd of Semester Examination50%
ONLINE
TypeDescriptionValue
AssignmentWorkshop Materials and Report30%
ReportDatabase Security Report20%
ExaminationEnd of Semester Examination50%

Text References

  • ^ Afyouni, S. (2005). Database security and auditing: protecting data integrity and accessibility. New York: Course Technology.
  • Butler, J. (1998). Contingency planning and disaster recovery: protecting your organization's resources. Charleston, SC: Computer Technology Research.
  • Connolly, T. & Begg, C. (2002). Database systems: a practical approach to design, implementation, and management (3rd ed.). Harlow: Addison-Wesley.
  • Peltier, T. (2001). Information security policies, procedures, and standards: guidelines for effective information security management. Florida: Auerbach Publications.
  • Mitnick, K. (2002). The art of deception: controlling the human element of security. Indianapolis, Ind: Wiley.
  • Castano, S. & Fugini, M. & Martella, G. & Castano, S. (1994). Database security. New York: ACM Press.
  • Raftree, M. (2002). MCSE guide to Microsoft SQL Server 2000 administration. Cambridge, Mass: Course Technology.
  • Date, C. J. (2004). An introduction to database systems. New York: Pearson/Addison Wesley.
  • Desman, M (2002). Building an information security awareness program. London: Auerbach Publications.
  • Harrington, J. (1998). Relational database design clearly explained. New York: Academic Press Morgan Kaufmann.
  • Kairab, S. (2004). A practical guide to security assessments. Florida: Auerbach Publications.

Website References

^ Mandatory reference

Disability Standards for Education (Commonwealth 2005)

For the purposes of considering a request for Reasonable Adjustments under the Disability Standards for Education (Commonwealth 2005), inherent requirements for this subject are articulated in the Unit Description, Learning Outcomes and Assessment Requirements of this entry. The University is dedicated to provide support to those with special requirements. Further details on the support for students with disabilities or medical conditions can be found at the Access and Inclusion website.

Academic Misconduct

Edith Cowan University has firm rules governing academic misconduct and there are substantial penalties that can be applied to students who are found in breach of these rules. Academic misconduct includes, but is not limited to:

  • plagiarism;
  • unauthorised collaboration;
  • cheating in examinations;
  • theft of other students' work;

Additionally, any material submitted for assessment purposes must be work that has not been submitted previously, by any person, for any other unit at ECU or elsewhere.

The ECU rules and policies governing all academic activities, including misconduct, can be accessed through the ECU website.

CSI3302|1|1

Faculty of Health, Engineering and Science

School: Computer and Security Science

This unit information may be updated and amended immediately prior to semester. To ensure you have the correct outline, please check it again at the beginning of semester.

  • Unit Title

    Database Security

  • Unit Code

    CSI3302

  • Year

    2015

  • Enrolment Period

    2

  • Version

    1

  • Credit Points

    15

  • Full Year Unit

     N

  • Mode of Delivery

    On Campus
    Online

Description

This unit examines database information systems and the tools and techniques employed to make these resources as secure as possible. The unit examines database architectures and vulnerabilities, with a focus on network connected, centralised database systems. Security measures are examined from the point of view of both computing systems and organisational procedures, with an emphasis on web applications, e-commerce, auditing, roles and responsibilities and disaster recovery. The unit has a significant practical element allowing students to develop security policies and procedures and implement them using commercial database tools.

Prerequisite Rule

Students must pass 1 unit from CSI2102

Equivalent Rule

Unit was previously coded CSI4206, CSI5207

Learning Outcomes

On completion of this unit students should be able to:

  1. Analyse security issues and solutions in database administration and management.
  2. Create strategies for data backup and disaster recovery.
  3. Explain database architectures and their associated security requirements.
  4. Explain security requirements for World Wide Web linked database applications.
  5. Outline and apply database security model, security plans and policies.

Unit Content

  1. Application of security procedures by database design and security prototyping.
  2. Auditing and event management.
  3. Database access controls.
  4. Database architectures and related security.
  5. Database backup and recovery procedures.
  6. Database management and security.
  7. Database security and the Internet.
  8. Database security models.
  9. Database security policies and plans.
  10. Risks and security issues in database administration.

Additional Learning Experience Information

Lectures, workshops and practical laboratory exercises.

Assessment

GS1 GRADING SCHEMA 1 Used for standard coursework units

Students please note: The marks and grades received by students on assessments may be subject to further moderation. All marks and grades are to be considered provisional until endorsed by the relevant Board of Examiners.

ON CAMPUS
TypeDescriptionValue
AssignmentWorkshop Materials and Report30%
ReportDatabase Security Report20%
ExaminationEnd of Semester Examination50%
ONLINE
TypeDescriptionValue
AssignmentWorkshop Materials and Report30%
ReportDatabase Security Report20%
ExaminationEnd of Semester Examination50%

Text References

  • ^ Afyouni, S. (2005). Database security and auditing: protecting data integrity and accessibility. New York: Course Technology.
  • Connolly, T. & Begg, C. (2002). Database systems: a practical approach to design, implementation, and management (3rd ed.). Harlow: Addison-Wesley.
  • Peltier, T. (2001). Information security policies, procedures, and standards: guidelines for effective information security management. Florida: Auerbach Publications.
  • Mitnick, K. (2002). The art of deception: controlling the human element of security. Indianapolis, Ind: Wiley.
  • Butler, J. (1998). Contingency planning and disaster recovery: protecting your organization's resources. Charleston, SC: Computer Technology Research.
  • Castano, S. & Fugini, M. & Martella, G. & Castano, S. (1994). Database security. New York: ACM Press.
  • Raftree, M. (2002). MCSE guide to Microsoft SQL Server 2000 administration. Cambridge, Mass: Course Technology.
  • Date, C. J. (2004). An introduction to database systems. New York: Pearson/Addison Wesley.
  • Desman, M (2002). Building an information security awareness program. London: Auerbach Publications.
  • Harrington, J. (1998). Relational database design clearly explained. New York: Academic Press Morgan Kaufmann.
  • Kairab, S. (2004). A practical guide to security assessments. Florida: Auerbach Publications.

Website References

^ Mandatory reference

Disability Standards for Education (Commonwealth 2005)

For the purposes of considering a request for Reasonable Adjustments under the Disability Standards for Education (Commonwealth 2005), inherent requirements for this subject are articulated in the Unit Description, Learning Outcomes and Assessment Requirements of this entry. The University is dedicated to provide support to those with special requirements. Further details on the support for students with disabilities or medical conditions can be found at the Access and Inclusion website.

Academic Misconduct

Edith Cowan University has firm rules governing academic misconduct and there are substantial penalties that can be applied to students who are found in breach of these rules. Academic misconduct includes, but is not limited to:

  • plagiarism;
  • unauthorised collaboration;
  • cheating in examinations;
  • theft of other students' work;

Additionally, any material submitted for assessment purposes must be work that has not been submitted previously, by any person, for any other unit at ECU or elsewhere.

The ECU rules and policies governing all academic activities, including misconduct, can be accessed through the ECU website.

CSI3302|1|2