Henry Lee



SENG460    Practice of Information Security and Privacy (2013)

This is a course offered as part of the Bachelor of Software Engineering (BSEng) program.

This course is designed to address important issues to implement security in the corporate environment and deals with advanced topics in information security management. It is assumed that students have fundamental knowledge of information security.

The course consists of 11 topics in information security and is delivered by 11 security practitioners from government and industry. The topics of the course include Enterprise Security Architecture; Information Security Policy and International Standards; Security Threat and Risk Assessments; Logging and Monitoring; Investigations; Ethical Hacking; Application Security; Privacy; Business Continuity Management; Physical and Environmental Security; and Information Security as a Career.

Each lecture contains a case study chosen from examples in the field. In each case study, a problem is described and students are asked to build their solutions to the problem either cooperatively or individually. The result of the case study should be summarized individually, developed further, and submitted to Dr. Lee as an assignment. It is encouraged to incorporate further findings into the assignment.

The course pack is available at the Bookstore.

COURSE OUTLINE: SENG460 Course Outline

LECTURE ROOM: Engineering and Computer Science Building (ECS) 130

LECTURE MATERIAL: Available here after each lecture.

January 4 Enterprise Security Architecture Doug Steele
January 11 Security Policy and International Standards   Henry Lee
January 18 Security Threat and Risk Assessments Richard Hakim
January 25 Logging and Monitoring Steven Radin
February 1 Investigations Lance Morgan
February 8 Information Security as a Career Andrew Hughes
February 15 Midterm Exam Henry Lee
February 22   Reading Week No Lecture
March 1 Ethical Hacking Eric van Wiltenburg  
March 8 Application Security Andrew Law
March 15 Privacy Jason Eamer-Goult
March 22 Business Continuity Management Graham Bennett
March 29 Easter/Good Friday No Lecture
April 5 Physical and Environmental Security Susan Bedwell

ASSIGNMENTS: All assignment deliverables must be submitted to Dr. Lee's ECE Dept. mailbox in EOW 448 by 4:30 p.m. on the due date (the following Friday after each lecture). A 1% deduction in the overall assignment mark will be made for each day a given deliverable is late.

Mid-term exam at the lecture room on Friday, February 15, 2013 (1:30pm-3:30pm, 2 hours)
Topics for mid-term: Enterprise Security Architecture, Security Policy and International Standards, Security Threat and Risk Assessments, Monitoring, and Investigations.

Final exam at ECS 108 on Monday, April 15, 2013 (9:00am-noon, 3 hours)
Topics for final: All except Information Security as a Career

OFFICE HOURS: 11am - noon on Fridays at EOW 419