Foundations of Information Security Management
2009-2010 - IMT4941 - 5 credits

Expected learning outcomes

Having completed the course, the student should have

  • a sound understanding of the task of an information security officer
  • a sound understanding of information security management standards and models as well as their applicability and limits
  • a good understanding of adversary and adversary behavioural models
  • the ability to create, assess, and evaluate metrics for information security and the management thereof, including using statistical methods
  • an understanding of the interrelationship between information security and overall corporate security and risk management
  • an understanding of how organizational security and its policies are translated into security controls
  • a good understanding of information sharing models for security officers

Course topics

  • Security documentation including security policies and concepts
  • Information security management frameworks
  • Interactions between corporate security and risk management and information security management and its implementation in security controls, respectively
  • Adversary and adversary behaviour models
  • Metrics for information security and their assessment
  • Information sharing concepts and problems

Teaching methods

Lectures

Teaching methods (free text)

Term paper (potentially based on simulation tool)

Forms of assessment

Other

Forms of assessment

  • Written exam: 50%
  • Term paper: 50%
  • Pass decision is on the cumulative grade.

Grading scale

Letter grades, A (best) - F (fail)

Examiners

Evaluated by external examiner.

Re-sit examination (formerly continuation exam)

A new term paper must be provided next autumn. For the exam: ordinary re-sit examination.

Permitted aids (applies only to the written exam)

Dictionary, simple calculator

Compulsory coursework requirements

None

Teaching materials

Materials from the professors and selected webpages.

Selected chapters of the following textbooks are helpful references; further recommended reading is provided in the course syllabus.

M. Bishop: Computer Security: Art and Science. Addison-Wesley, 2003.

C. Pfleeger, S. Pfleeger: Security in Computing, 4th ed. Prentice Hall, 2006.

A. Kott, W. McEneaney: Adversarial Reasoning: Computational Approaches to Reading the Opponent’s Mind. Chapman & Hall, 2006.

Additional information

Capacity of the course is limited to 24 students for the first course, unless explicitly arranged by the lecturer.