Information Security and Privacy

This subject has the following teaching availabilities in 2016:

170 hours

None

None

For the purposes of considering request for Reasonable Adjustments under the Disability Standards for Education (Cwth 2005), and Student Support and Engagement Policy, academic requirements for this subject are articulated in the Subject Overview, Learning Outcomes, Assessment and Generic Skills sections of this entry.

It is University policy to take all reasonable steps to minimise the impact of disability upon academic study, and reasonable adjustments will be made to enhance a student's participation in the University's programs. Students who feel their disability may impact on meeting the requirements of this subject are encouraged to discuss this matter with a Faculty Student Adviser and Student Equity and Disability Support: http://services.unimelb.edu.au/disability

Aims

Information is a valuable asset that requires protection from increasingly sophisticated and complex security threats. Given the ease with which information can be collected directly from individuals or secretly through technologies presents new challenges for protecting privacy.

An effective security strategy requires a sophisticated understanding of risk management and how a range of tools and techniques can be applied for protective purposes.

In this subject students will be exposed to a range of issues related to information privacy and security. These issues drive the need for better security tools, technologies and techniques. Students will learn foundational concepts that explain how security strategy is developed. Topics include: the security threat landscape, managing security risk exposure, protective paradigms, models and frameworks, and cryptographic techniques to secure information.

For Bachelor of Science students this is a required subject in the Informatics major and an elective subject in the Science Informatics major and the concurrent Diploma in Informatics. This subject is available as a breadth subject for other Bachelor degrees and is an elective in the Working with Information breadth track.

Indicative Content

• Understanding the three Security Principles: Confidentiality, Integrity and Availability (C,I,A)
• Understanding how to conduct a Security Risk Assessment
• Developing a Security Strategy using Paradigms, Models and Frameworks
• Identifying security and privacy issues that drive the need for security
• Understanding cryptographic technologies and how they can be applied to security and privacy problems

Intended Learning Outcomes (ILOs)

On completion of this subject the student is expected to:

1. Identify a range of security and privacy issues and threats that drive the need for security
2. Understand the three security principles Confidentiality, Integrity and Availability (C,I,A) and how they relate to security threats and technologies
3. Identify a range of security paradigms and models and understand how they can be deployed in a security strategy to protect information and preserve privacy
4. Understand cryptographic technologies and how they can be deployed to protect information and preserve privacy

• 20-minute group seminar presentation of an assigned research paper (requiring 10-13 hours work per individual student), (ILOs 1-4 addressed), due Weeks 3-12 (10%)
  • Individual student presentation and group discussion time is no more than 5-10 minutes each per student.
• 40-minute group management of class discussion on the research paper (requiring 2-5 hours preparation per individual student), (ILOs 1-4 addressed), due Weeks 3-12 (10%)
  • Individual student presentation and group discussion time is no more than 5-10 minutes each per student.
• 2000-word research report by a group of 3-5 students (requiring 20-25 hours of work per individual student), (ILOs 1 and 2 addressed), due Week 10 (20%)
• Individual participation in seminar activities throughout the semester (requiring 10-13 hours of work), (ILOs 1-4 addressed), ongoing (10%)
• 2-hour written closed book exam, (ILOs 1-4 addressed), held in the exam period at the end of semester (50%)

Hurdle Requirements:

To pass the subject, students must obtain

• at least 50% (25/50) in the examination
• a combined total of at least 50% (25/50) in the other components of assessment

None

This subject potentially can be taken as a breadth subject component for the following courses:

• Bachelor of Arts
• Bachelor of Commerce
• Bachelor of Environments
• Bachelor of Music

You should visit learn more about breadth subjects and read the breadth requirements for your degree, and should discuss your choice with your student adviser, before deciding on your subjects.

On completion of this subject, students should have developed the following generic skills:

• An ability to synthesise information and communicate results effectively
• An ability to work effectively as a member of a project team
• In-depth critical and independent thinking and reflection skills
• An ability to solve problems and communicate solutions both orally and in writing.

Learning and Teaching Methods

The subject will be delivered through a combination of lectures, tutorials, group presentations and team-based learning where a group of students will analyse the information manage needs or an organization and design an information management system. Outside class students will study theory and cases through reading and continuing their group activities.

Indicative Key Learning Resources

Students will have access to lecture notes and lecture slides. The subject LMS site also contains links to recommended literature and other resources.

Careers/Industry Links

All organizations must manage their information in order to be effective. There is a large range of career opportunities for information managers, analysts and consultants both within and outside the IT industry. There will be one or two lectures from invited practitioners from industry.