Having completed the course, the student should have
- sound understanding of the task of an information security officer
- sound understanding of information security management standards and models as well as their applicability and limits
- good understanding of adversary and adversary behavioural models
- the ability to create, assess, and evaluate metrics for information security and the management thereof, including using statistical methods
- an understanding of the interrelationship between information security and overall corporate security and risk management
- an understanding of how organizational security and its policies are translated into security controls.
- a good understanding of information sharing models for security officers
- Security documentation including security policies and concepts
- Information security management frameworks
- Interactions between corporate security and risk management and information security management and its implementation in security controls, respectively
- Adversary and adversary behaviour models
- Metrics for information security and their assessement
- Information sharing concepts and problems
Pedagogiske metoder (fritekst)
Term paper (potentially based on simulation tool)
- Written exam: 50%
- Term paper: 50%
- Pass decision is on the cumulative grade.
Bokstavkarakterer, A (best) - F (ikke bestått)
Evaluated by external examiner.
Utsatt eksamen (tidl. kontinuasjon)
A new term paper must be provided next autumn. For the exam: Ordinary re-sit examnination.
Tillatte hjelpemidler (gjelder kun skriftlig eksamen)
Dictionary, simple calculator
Materials from the professors and selected webpages.
Selected chapters of the following textbooks are helpful references; further recommended reading is provided in the course syllabus.
Computer Security: Art and Science.
C. Pfleeger, S. Pfleeger
Security in Computing, 4th ed.
Prentice Hall, 2006
A. Kott, W. McEneaney:
Adversarial Reasoning: Computational Approaches to Reading the Opponent’s Mind.
Chapman & Hall, 2006
Capacity of the course is limited to 24 students for the first course, unless explicitly arranged by lecturer.