Skip to the content | Change text size
PDF unit guide

FIT3031 Information and network security - Semester 1, 2009

Unit leader :

Joarder Kamruzzaman

Lecturer(s) :

Caulfield

  • Nandita Bhattacharjee

Gippsland

  • Joarder Kamruzzaman

South Africa

  • Braam Van De Vyer

Malaysia

  • Simon Egerton

Introduction

Welcome to FIT3031, Information and Network Security, for semester 1, 2009. This is a 6-point compulsory unit for Business systems, Internet systems, Net-centric computing and Security major in the Bachelor of Information Technology and Systems degree. This unit is designed to provide you with the knowledge and understanding of various encryption techniques, common security threats ,e.g., email security, web security, malicious software attacks, different countermeasures to thwart those threats, intrusion detection and standard security practices, network management issues and firewalls deployment. On completion of this unit, you are expected to be confident in assessing security threats, employ possible countermeasures and be familiar with standard practices.

Unit synopsis

OSI security architecture, security requirements, cryptography, digital signatures, certificates, security services, security standards and protocols, network security applications, system security, wireless security, latest trends in security and security ethics.

Learning outcomes

Knowledge and Understanding

Students should be able to:

  • describe OSI security architecture;
  • describe common security standards and protocols for network security applications, e.g., electronic mail, web security and network management;
  • understand common information risks and requirements;
  • explain the operation of conventional and public-key encryption techniques;
  • describe the concepts and techniques for digital signatures, authentication and non-repudiation;
  • understand with security threats in wireless and mobile communication.

 

Attitudes, Values and Beliefs

Students will be able to:

  • appreciate the need for the digital certificates and public key infrastructure;
  • appreciate the importance of system security against intruders and malicious software using firewalls;
  • appreciate the relevance of privacy and ethical issues related to organizations and individuals.

 

Practical Skills

The students should be able to:

  • apply simple security configurations to PC based applications, e.g., email, Internet, computer administration;
  • design information systems with security compliance.

 

Workload

For on campus students, workload commitments are:

  • two-hour lecture and
  • two-hour tutorial
  • You will need to allocate up to 8 hours per week on average for personal study (study guide, textbook, lecture notes and tutorial), attending newsgroup discussion and working on assignments.

Unit relationships

Prerequisites

Before attempting this unit you must have satisfactorily completed FIT1005 or FIT2008 or CSE2318 or CSE3318 or GCO1815 or equivalent unit. You should have knowledge of Computer systems organisation and the OSI model for data communication.

Relationships

FIT3031 is an elective unit in the Bachelor of Information Technology and Systems (BITS) degree. You may not study this unit if you have completed CPE3001, CPE2007 (70% overlap but no other security unit prohibition), CPE2007 (70% overlap with CPE3001 and CSE2500 as prohibitions), CSE3206 (55% overlap with no other security unit prohibitions),  FIT2058, FIT3018, FIT4028, GCO3481 in your degree.

Continuous improvement

Monash is committed to ‘Excellence in education’ (Monash Directions 2025 - http://www.monash.edu.au/about/monash-directions/directions.html) and strives for the highest possible quality in teaching and learning.

To monitor how successful we are in providing quality teaching and learning Monash regularly seeks feedback from students, employers and staff. One of the key formal ways students have to provide feedback is through Unit Evaluation Surveys. The University’s Unit Evaluation policy (http://www.policy.monash.edu/policy-bank/academic/education/quality/unit-evaluation-policy.html) requires that every unit offered is evaluated each year. Students are strongly encouraged to complete the surveys as they are an important avenue for students to “have their say”. The feedback is anonymous and provides the Faculty with evidence of aspects that students are satisfied and areas for improvement.

Faculties have the option of administering the Unit Evaluation survey online through the my.monash portal or in class. Lecturers will inform students of the method being used for this unit towards the end of the semester.

Student Evaluations

If you wish to view how previous students rated this unit, please go to http://www.adm.monash.edu.au/cheq/evaluations/unit-evaluations/

Unit staff - contact details

Unit leader

Dr Joarder Kamruzzaman
Senior Lecturer
Phone +61 3 990 26665

Lecturer(s) :

Dr Joarder Kamruzzaman
Senior Lecturer
Phone +61 3 990 26665
Dr Nandita Bhattacharjee
Lecturer
Phone +61 3 990 53293
Fax +61 3 990 55146
Braam Van De Vyer
Dr Simon Egerton

Teaching and learning method

 This unit will be delivered via one - 2 hour lecture and one - 2 hour tutorial per week, but the summer offering is only in DE mode, so no lecture and tutorial sessions are conducted. It is your responsibility to go through lecture and tutorial materials. Weekwise study guide, lecture notes and tutorial exercises will be made available to all students through the unit MUSO website. Lectures will provide students with the knowledge of fundamental theories and concepts. Tutorials will provide students with an opportunity to discuss and apply those concepts through exercises. Discussion forum on MUSO is for the students to discuss any topic related to this unit and to provide a forum that help you to achieve learning objectives.

Tutorial allocation

On-campus students should register for tutorials/laboratories using Allocate+.

Communication, participation and feedback

Monash aims to provide a learning environment in which students receive a range of ongoing feedback throughout their studies. You will receive feedback on your work and progress in this unit. This may take the form of group feedback, individual feedback, peer feedback, self-comparison, verbal and written feedback, discussions (on line and in class) as well as more formal feedback related to assignment marks and grades. You are encouraged to draw on a variety of feedback to enhance your learning.

It is essential that you take action immediately if you realise that you have a problem that is affecting your study. Semesters are short, so we can help you best if you let us know as soon as problems arise. Regardless of whether the problem is related directly to your progress in the unit, if it is likely to interfere with your progress you should discuss it with your lecturer or a Community Service counsellor as soon as possible.

Unit Schedule

Week Topic Study guide References/Readings Key dates
1 OSI Security Architecture SG1 Ch. 1 of Text book by W. Stallings  
2 Symmetric Encryption SG2 Ch. 2 of text book  
3 Asymmetric Encryption SG3 Ch. 3 of text book  
4 Authentication Applications SG4 Ch. 4 of text book  
5 Electronic Mail Security SG5 Ch. 5 of text book  
6 IP Security SG6 Ch. 6 of text book  
Mid semester break
7 Web Security SG7 Ch. 7 of text book April 20, 2009 (assignment 1 due)
8 Wireless Security SG8 Web resources  
9 Network Management SG9 Ch. 8 of text book  
10 Intrusion Detection and Response SG10 Ch. 9 of text book  
11 Malicious Software Attack SG11 Ch. 10 of text book May 20, 2009 (assignment 2 due)
12 Firewall Defence SG12 Ch. 11 of text book  
13 Revision      

Unit Resources

Prescribed text(s) and readings

Prescribed Text

  • S. William, "Network Security Essentials - Applications and Standards", 3rd Edition, Prentice Hall, 2007.
Text books are available from the Monash University Book Shops. Availability from other suppliers cannot be assured. The Bookshop orders texts in specifically for this unit. You are advised to purchase your text book early.

Recommended text(s) and readings

Reference Text

  • O. Poole, "Network Security - A Practical Guide", Butterworth Heinemann, 2003.

Recommedded Text

  • J. H. Allen, "The CERT Guide to System and Network Security Practices", Addison-Wesley, 2001.
  • M. Kaeo, "Designing Network Security : A Practical Guide to Creating a Secure Network Infrastructure", Cisco Press, 2004.
  • R. Oppliger, "Security Technologies for the World Wide Web", Artech House, 2003.

Required software and/or hardware

The software used in this unit is available in public domain. The software is PGP encryption software which is available at:

http://www.pgpi.org/products/pgp/versions/freeware/win32

and

http://www.gpg4win.org/download.html

Equipment and consumables required or provided

Students may use the facilities available in the computing labs. Information about computer use for students is available from the ITS Student Resource Guide in the Monash University Handbook. You will need to allocate up to 5 hours per week for use of a computer, including time for newsgroups/discussion groups.

Study resources

Study resources we will provide for your study are:

The following material in printed format that will be mailed to all distance education students.

  • Unit Information guide

The following course materials which will be provided in on-line format only in MUSO: 

  • A Unit Book divided into twelve study guides
  • Lecture notes and tutorial materials on weekly basis
  • The specification for the first and second assignment
  • A sample examination paper with sample solution
  • A range of references material on the World Wide Web

Library access

The Monash University Library site contains details about borrowing rights and catalogue searching.  To learn more about the library and the various resources available, please go to http://www.lib.monash.edu.au.

The Educational Library and Media Resources (LMR) is also a very resourceful place to visit at http://www.education.monash.edu.au/library/

Monash University Studies Online (MUSO)

All unit and lecture materials are available through MUSO (Monash University Studies Online). Blackboard is the primary application used to deliver your unit resources. Some units will be piloted in Moodle. If your unit is piloted in Moodle, you will see a link from your Blackboard unit to Moodle (http://moodle.monash.edu.au) and can bookmark this link to access directly. In Moodle, from the Faculty of Information Technology category, click on the link for your unit.

You can access MUSO and Blackboard via the portal: http://my.monash.edu.au

Click on the Study and enrolment tab, then Blackboard under the MUSO learning systems.

In order for your Blackboard unit(s) to function correctly, your computer needs to be correctly configured.

For example:

  • Blackboard supported browser
  • Supported Java runtime environment

For more information, please visit: http://www.monash.edu.au/muso/support/students/downloadables-student.html

You can contact the MUSO Support by phone : (+61 3) 9903 1268

For further contact information including operational hours, please visit: http://www.monash.edu.au/muso/support/students/contact.html

Further information can be obtained from the MUSO support site: http://www.monash.edu.au/muso/support/index.html

Assessment

Unit assessment policy

The unit is assessed with two assignments and a three hour closed book examination. To pass a unit which includes an examination as part of the assessment a student must obtain:

  •  40% or more in the unit's examination and
  •  40% or more in the unit's total non-examination assessment and
  •  an overall unit mark of 50% or more

If a student does not achieve 40% or more in the unit examination or the unit non-examination total assessment, and the total mark for the unit is greater than 44% then a mark of 44-N will be recorded for the unit.

Assignment tasks

  • Assignment Task

    Title : Assignment 1

    Description :

    This assignment is designed to test students' understating of symmetric and asymmetric cryptographic concepts and how they can be applied in real applications. This will be based on the topics covered in the first 6 weeks.

    Weighting : 20%

    Criteria for assessment :

    Details in assignment specification.

    Due date : April 20, 2009

  • Assignment Task

    Title : Assignment 2

    Description :

    This assignment is designed to test students' understating of security protocols and standard practices, including wireless security. This will be based on the topics covered in Week 7-11.

    Weighting : 20%

    Criteria for assessment :

    Details in assignment specification.

    Due date : May 20, 2009

Examinations

  • Examination 1

    Weighting : 60%

    Length : 3 hours

    Type ( open/closed book ) : Closed book


Assignment submission

Assignments needs to be submitted electronically at:

Gippsland: WEBFACE (http://wfsubmit.its.monash.edu.au)
Clayton: MUSO
SA: MUSO
Sunway: MUSO

Assignment coversheets

Assignment coversheets can be found via the "Student assignment coversheets" ( http://infotech.monash.edu.au/resources/student/assignments/ ) page on the faculty website

University and Faculty policy on assessment

Due dates and extensions

The due dates for the submission of assignments are given in the previous section. Please make every effort to submit work by the due dates. It is your responsibility to structure your study program around assignment deadlines, family, work and other commitments. Factors such as normal work pressures, vacations, etc. are seldom regarded as appropriate reasons for granting extensions. Students are advised to NOT assume that granting of an extension is a matter of course.

Requests for extensions must be made to the unit lecturer at your campus at least two days before the due date. You will be asked to forward original medical certificates in cases of illness, and may be asked to provide other forms of documentation where necessary. A copy of the email or other written communication of an extension must be attached to the assignment submission.

Late assignment

It is your responsibility to structure your study program around assignment deadlines, family, work and other commitments. Factors such as normal work pressures, vacations, etc. are seldom regarded as appropriate reasons for granting extensions.

Assignments submitted after the due date will be accepted only in exceptional circumstances. If an assignment will be late, it is necessary to contact the unit adviser of your campus at least 2 days before the due date. You may be required to provide documentation to support a request for late submission. There may be a penalty of 3% for each day of late submission if not approvaed before due date. 

Return dates

Students can expect assignments to be returned within two weeks of the submission date or after receipt, whichever is later.

Assessment for the unit as a whole is in accordance with the provisions of the Monash University Education Policy at http://www.policy.monash.edu/policy-bank/academic/education/assessment/

We will aim to have assignment results made available to you within two weeks after assignment receipt.

Plagiarism, cheating and collusion

Plagiarism and cheating are regarded as very serious offences. In cases where cheating  has been confirmed, students have been severely penalised, from losing all marks for an assignment, to facing disciplinary action at the Faculty level. While we would wish that all our students adhere to sound ethical conduct and honesty, I will ask you to acquaint yourself with the University Plagiarism policy and procedure (http://www.policy.monash.edu/policy-bank/academic/education/conduct/plagiarism-procedures.html) which applies to students detected plagiarising.

In this University, cheating means seeking to obtain an unfair advantage in any examination or any other written or practical work to be submitted or completed by a student for assessment. It includes the use, or attempted use, of any means to gain an unfair advantage for any assessable work in the unit, where the means is contrary to the instructions for such work. 

When you submit an individual assessment item, such as a program, a report, an essay, assignment or other piece of work, under your name you are understood to be stating that this is your own work. If a submission is identical with, or similar to, someone else's work, an assumption of cheating may arise. If you are planning on working with another student, it is acceptable to undertake research together, and discuss problems, but it is not acceptable to jointly develop or share solutions unless this is specified by your lecturer. 

Intentionally providing students with your solutions to assignments is classified as "assisting to cheat" and students who do this may be subject to disciplinary action. You should take reasonable care that your solution is not accidentally or deliberately obtained by other students. For example, do not leave copies of your work in progress on the hard drives of shared computers, and do not show your work to other students. If you believe this may have happened, please be sure to contact your lecturer as soon as possible.

Cheating also includes taking into an examination any material contrary to the regulations, including any bilingual dictionary, whether or not with the intention of using it to obtain an advantage.

Plagiarism involves the false representation of another person's ideas, or findings, as your own by either copying material or paraphrasing without citing sources. It is both professional and ethical to reference clearly the ideas and information that you have used from another writer. If the source is not identified, then you have plagiarised work of the other author. Plagiarism is a form of dishonesty that is insulting to the reader and grossly unfair to your student colleagues.

Register of counselling about plagiarism

The university requires faculties to keep a simple and confidential register to record counselling to students about plagiarism (e.g. warnings). The register is accessible to Associate Deans Teaching (or nominees) and, where requested, students concerned have access to their own details in the register. The register is to serve as a record of counselling about the nature of plagiarism, not as a record of allegations; and no provision of appeals in relation to the register is necessary or applicable.

Non-discriminatory language

The Faculty of Information Technology is committed to the use of non-discriminatory language in all forms of communication. Discriminatory language is that which refers in abusive terms to gender, race, age, sexual orientation, citizenship or nationality, ethnic or language background, physical or mental ability, or political or religious views, or which stereotypes groups in an adverse manner. This is not meant to preclude or inhibit legitimate academic debate on any issue; however, the language used in such debate should be non-discriminatory and sensitive to these matters. It is important to avoid the use of discriminatory language in your communications and written work. The most common form of discriminatory language in academic work tends to be in the area of gender inclusiveness. You are, therefore, requested to check for this and to ensure your work and communications are non-discriminatory in all respects.

Students with disabilities

Students with disabilities that may disadvantage them in assessment should seek advice from one of the following before completing assessment tasks and examinations:

Deferred assessment and special consideration

Deferred assessment (not to be confused with an extension for submission of an assignment) may be granted in cases of extenuating personal circumstances such as serious personal illness or bereavement. Information and forms for Special Consideration and deferred assessment applications are available at http://www.monash.edu.au/exams/special-consideration.html. Contact the Faculty's Student Services staff at your campus for further information and advice.