ENQUIRIES The Program Coordinator Masters in Information Security Faculty of Computer Science & Information Systems UTM City

Campus Jalan Semarak, 54100 KUALA LUMPUR Tel: (+603) 2615 4745 Mobile: 012-6622 490 Fax: (+603) 2693 0933 Email: zailani@utmkl.utm.my

Visit us at: www.case.utm.my/infosec

INTRODUCTION The Faculty of Computer Science & Information System (FSKSM), the University of Technology Malaysia (UTM) is offering a graduate study in Information Security. This new and advanced graduate study is unique and is offered in Malaysia only by UTM. It is intended for computer professionals and computer science / engineering / science & technology graduates to pursue further in the field of Information Security. It is designed to introduce the technical, application, management, and legal aspects of security in Information and Communications Technology (ICT). Graduate s of the degree are expected to find employment in both business and industry as Information Security experts, and the need for such experts is likely to be high in light of the current and future development of ICT security.

ADMISSION REQUIREMENTS Applications for admissions must posses one of the followings: B.Sc. in Computer Science, Information Technology (IT), Management Information Systems (MIS) or its equivalent with CGPA 3.0 or above. B.Sc. in Engineering including Software, Computer, Electrical, Electronic, Civil, Mechanical, Chemical, and Petroleum with CGPA 3.0 or above. B.Sc. in other sciences including Mathematics and Physics with a minimum of three years experience in the field of Computer Science/IT.

PROGRAM FEES (Full/Part Time) Self sponsored Company sponsored Foreign students RM20,000.00 RM25,000.00 RM25,000.00

DEGREE NAME Master in Computer Science (Information Security)

PROGRAM VENUE UTM City Campus, Jalan Semarak, KL.

PROGRAM OBJECTIVE The degree is intended as a foundation for a professional career as well as for postgraduate research in Information Security.

METHOD OF EXAMINATION All courses will have a major written examination, besides tests and assignments, at the end of every semester. There will be two projects - Project I and its continuation in Project II. At the end of the Program, each student is required to submit a written project dissertation.

PROGRAM DURATION Full time Three (3) semesters Part time Four (4) semesters

PROGRAM NATURE Full time Course works & projects Part time Course works & projects

CONTACT PERSON Assoc. Prof. Zailani bin Mohamed Sidek The Program Coordinator Masters in Information Security, UTM Tel: (03) 2615 4745 H/P: 012-6622 490 Fax: (03) 2693 0933 Email: zailani@utmkl.utm.my

PROGRAM CURRICULUM Course Type University Common Elective Courses Compulsory Faculty Courses Project Core Courses Course Name Choose any 1 course (minimum 2 credits) offered by other Programs or Faculty in the list provided by the School of Graduate Studies. MCM1262 Computer Project Management MCS2071 Seminar/Special Topic (HW) MCU1012 Project I MCU1024 Project II MCS1413 Cryptography MCS1433 Information Security Management MCS2443 Telecommunication, Network and Internet Security MCS2453 Security Architecture and Models MCS2463 Applications Development Security MCS2473 Operations and Physical Security MCS1493 Law, Investigations and Ethics TOTAL Credit 2 Total 2

2 1 2 4 3 3 3 3 6

3 3 3 3 32 21 32

PROGRAM STRUCTURE Full Time (3 Semesters) Semester 1 MCS1413 MCS1433 MCS2463 UCES MCM1262 Total Credits Credit 3 3 3 2 2 13 Semester 2 MCU1012 MCS2453 MCS2443 MCS2473 MCS2071 Total Credits Credit 2 3 3 3 1 12 Semester 3 MCU1024 MCS1493 Credit 4 3

Total Credits

Part Time (4 Semesters)

Semester 1 MCS1413 MCS1433 MCS2463 Total

Cr 3 3 3 9

Semester 2 MCS2453 MCS2443 MCS2473 MCS2071 Total

Cr 3 3 3 1 10

Semester 3 MCU1012 MCS1493 UCES MCM1262 Total

Cr 2 3 2 2 9

Semester 4 MCU1024

Cr 4

Total

PROGRAM SYLLABUS (Core Courses)

permutation, the Feistel principle, DES, modes of operation. Public key ciphers Diffie-Hellman key exchange, One-way functions and trap-doors, RSA, ElGamal cryptosystem. Key management a detailed discussion of the importance of good key management and some relevant standards. Authentication / Identification challenge / response. MACs. protocols,

CRYPTOGRAPHY (MCS1413) Synopsis: The cryptography subject addresses principles, means, and methods disguising information to ensure integrity, confidentiality and authenticity. the of its

This subject provides the background for the application and implementation of security mechanisms covered in the other courses. It deals with both theoretical and practical aspects of cryptography, to give an insight to the problems that arise in cryptography and the tools used to solve them. It introduces both symmetric key cipher systems and public key cryptography, covering methods of obtaining the objectives of CIA (confidentiality, integrity and availability). Objectives: On completion of the course, students should appreciate how cryptography is used and understand how the application influences the choice of algorithm type. They should also appreciate the need for good key management. They should not however expect to be able to design algorithms. Contents:

Digital signatures digital signature methods, arbiters, Hash functions, DSS, certificates, certification authorities.

References:
1.

H.J. Beker and F.C. Piper, Cipher Systems, Van Nostrand, 1982. D.W. Davies and W.L. Price, Security for Computer Networks, John Wiley (Chichester), 1989 (2nd edition). Alfred Menezes, Paul van Oorschot, Scott Vanstone, Handbook of Applied Cryptography, CRC Press, 1997. C.H. Meyer and S.M. Matyas, Cryptography: A new dimension in computer data security, John Wiley and Sons, 1982. B. Schneier, Applied Cryptography, John Wiley & Sons, New York, 1995 (2nd edition). J. Seberry and J. Pieprzyk, Cryptography: an introduction to computer security, Prentice Hall, 1989. H.C.A. van Tilborg, An Introduction Cryptology, Kluwer Academic, 1990. to

2.

3.

4.

5.

6.

7.

Basic mathematical background to cryptography modular arithmetic, prime numbers, inverses, CRT. The fundamentals of CIA confidentiality, integrity and availability.

8.

D.Welsh, Codes and Cryptography, Oxford Science, 1985.

Cipher systems an introductory overview of the aims of cryptography and the types of ciphers used, simple historical examples, and methods and types of attack. Stream ciphers the one time pad, pseudo-random key streams properties and generation. Block ciphers confusion and diffusion, iterated ciphers substitution / 4

INFORMATION SECURITY MANAGEMENT (MCS1433) Synopsis: Security management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines. Management tools such as data classification and risk assessment/analysis are used to identify threats, classify assets, and to rate system vulnerabilities so that effective controls can be implemented. Objectives: At the end of the course students should have gained an understanding of the provision of security in information system, as well as an appreciation of some of the problems that arise in devising practical solutions to management of security for information system requirements. Contents:

TELECOMMUNICATIONS, NETWORK, AND INTERNET SECURITY (M CS2443) Synopsis: The telecommunications, network, and Internet security subject discusses the network structures, transmission methods, transport formats, security measures used to provide availability, integrity, and confidentiality. Authentication for transmissions over private and public communications networks and media. This course is concerned with the protection of data transferred over commercial information networks, including computer and telecommunications networks. After an initial brief study of current networking concepts, a variety of generic security technologies relevant to networks are studied, including user identification techniques, authentication protocols and key distribution mechanisms. This leads naturally to consideration of security solutions for a variety of types of practical networks, including LANs, WANs, proprietary computer networks and electronic mail. Objectives: At the end of the course, students should have gained an understanding of the fundamentals of the provision of security in information networks, as well as an appreciation of some of the problems that arise in devising practical solutions to network security requirements. Contents: Introductory network concepts the OSI model and an introduction to computer networks; LANs and WANs the main features; and Network protocols (IEEE 802, TCP/IP and ITU (T) X.25). in Identity verification use and storage of conventional passwords; Dynamic password schemes. Biometric techniques; Use of tokens (dumb and intelligent), including the use of smart cards. Introductory security concepts the concepts of security threats, security services and security mechanisms (as in ISO 7498-2). Authentication and key distribution the importance and relatedness of the concepts of key management and entity authentication in a network; Objectives of an entity authentication protocol; Some fundamental 5

Security management principles.

concepts

and

The human side of information security, and security management. Policies, standards, guidelines. Risk management. Security Management Planning. procedure and

References:
1.

Charles P. Pfleeger, Security Computing, 2nd Edition, Prentice-Hall.

2.

Dorothy E. Denning, Cryptography and Data Security, Addison Wesley, Reading, MA, 1983.

protocols (e.g. ISO/IEC 9798-2, 97983, 9798-4 and Kerberos); Testing the validity of authentication protocols a brief introduction to formal approaches; Using authentication protocols for key distribution, and other approaches to key establishment (including public key certificates). Security for LANs approaches to providing security in Ethernet; The IEEE 802.10 LAN security standard. Security for WANs threats to computer networks. Network Layer Security protocol (NLSP) and Transport Layer Security Protocol (TLSP); Approaches to providing security for X.25. Firewalls. Upper layer security upper Layers Security Model; Secure associations. Electronic Mail Security The security features in the ITU (T) X.400 recommendations and their dependence on ITU (T) X.509. Internet Privacy Enhanced Mail (PEM). Pretty Good Privacy (PGP), S/MIME. Network management security OSI Management security; SNMP security. Wireless communications security. References:

SECURITY ARCHITECTURE AND MODELS (MCS2453) Synopsis: The Security Architecture and Models subject contains the concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of availability, integrity, and confidentiality. This course deals with the more technical means of making a computing system secure. This process starts with defining the proper security requirements, which are usually stated as a security policy. Security models formalize those policies and may serve as a reference to check the correctness of an implementation. The main security features and mechanisms in operating systems will be examined as well as security related issues of computer architecture. Software protection, in particular for PCs, and computer viruses will also be discussed. Objectives: At the end of the course, students should understand the main issues of computer security and be familiar with the technical aspects of managing the security of a computing system. Contents:

1. W. Ford, Computer communications security, Prentice-Hall (Englewood Cliffs, New Jersey), 1994. 2. W. Stallings, Cryptography and network security - principles and practice, Prentice-Hall (Englewood Cliffs, New Jersey), 1998, (2nd edition). 3. W.R. Cheswick and S.M. Bellovin, Firewalls and Internet security, AddisonWesley (Reading, Mass.), 1994. 4. D.W. Davies and W.L. Price, Security for computer networks, John Wiley (Chichester), 1989 (2nd edition).

Concepts and terminology security (confidentiality, integrity, availability); reliability; security policies; security models revisited. Models access control, information flow; Bell-LaPadula model, basic security theorem; integrity models. Implementation of a security model mandatory and discretionary access control; multi-level systems; security levels, labels; capabilities; reference monitor; resource control facilities; password schemes. Implementation of mechanisms security mechanisms in operating systems; support at the processor level. Case studies UNIX MLS, RACF, Windows NT, Linux. Software protection Software integrity; PCsecurity, copy protection, viruses, Trojan horses; virus protection. 6

 Distributed systems security Policies; security architectures; distributed authentication, delegation, SPX, GSSAPI, CORBA security; Security APIs X/Open GCS-API. GSS-API, POSIX,

APPLICATION DEVELOPMENT SECURITY (MCS2463) Synopsis: This domain addresses the important security concepts that apply to application software development. It outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security. Objectives: At the end of the course, students should understand the main issues of computer security and be familiar with the technical aspects of managing the development of systems with security requirements addressed. Contents: Application issues. Security requirements in system developments. The need for certification and accreditation. Framework for certification testing. Malware threats, detection and Protection. System development and Common Criteria, and FIPS. Open source security. References: 1. H. F. Tipton and M. Krause, Information Security Management Handbook, 2003. 2. D. Gollmann, Computer Security, John Wiley & Sons, to appear 1999. 3. C.P. Pfleeger, Security in Computing, PrenticeHall, 1997 (second edition). 4. E. Amoroso, Fundamentals of Computer Security Technology, Prentice Hall International, 1994. 5. Ernst & Young, Logical Access Control, McGraw-Hill, 1993.

Auditing Auditing intrusion detection. References:

mechanisms,

1. D. Gollmann, Computer Security, John Wiley & Sons, to appear 1999. 2. C.P. Pfleeger, Security in Computing, Prentice-Hall, 1997 (second edition). 3. E. Amoroso, Fundamentals of Computer Security Technology, Prentice Hall International, 1994. 4. Ernst & Young, Logical Access Control, McGraw -Hill, 1993. 5. D. Ferbrache, G. Shearer, UNIX installation security and integrity, Blackwell Scientific Publications, Oxford, 1992. 6. S. Garfinkel, G. Spafford, Practical Unix Security, O'Reilly & Associates, 1991. 7. M. Gasser, Building a Secure Computer System, Van Nostrand Reinhold, 1988. 8. P.H. Wood, S.G. Kochan, UNIX System Security, Hayden Books, 1988. 9. D. Grover (ed.), The protection of computer software - its technology and applications, 2nd edition, Cambridge University Press, 1992.

OPERATIONS AND PHYSICAL SECURITY (MCS2473) Synopsis Operations Security is used to identify the controls over hardware, media, and the operators and administrators with access privileges to any of these resources. Audit and monitoring are the mechanisms, tools, and facilities that permit the identification of security events and subsequent actions to identify the key elements and report the pertinent information to the appropriate individual, group, or process. The Business Continuity Plan (BCP) topic addresses the preservation and recovery of business operations in the event of outages. The physical security topic covers protection techniques for the entire facility, from the outside perimeter to the inside office space, including all of the information system resources. Contents Basic information security concepts. Security of directory threats and consequences, addressing the threats, establishing correvt permissions Computer Operation security Managed Security services monitoring and alerts Computing Facility Physical Security Business continuity plan, recovery plan, hot sites cold sites. Environment and Life Safety References 1. H. F. Tipton and M. Krause, Information Security Management Handbook, 2003. Disaster

LAW, INVESTIGATIONS AND ETHICS (MCS1493) Synopsis This subject addresses computer crime laws and regulations, the measures and technologies used to investigate computer crime incidents. Contents Incident Handling and Response, DDOS attacks. E-Forensic - The need, techniques and tools, building cases, reporting security breaches. Cyber law evolution, difficulties, liabilities. Case studies of international law affecting internet, HIPAA etc. International dimension of Cybercrime. References 1. Information Security Management Handbook, 4th Edition, Micki Krause & Harold F. Tipton 2. The Information Systems security Officers guide: Establishing and Managing an Information Protection Program, Gerald L. Kovacich 3. Malaysian and International Cyber Laws.