Homework 1

A. (50 Points) Write an article of about 5-7 (11 point, New times roman, single spacing) pages on "Security Management" based on the papers 1 and 2. You are free to choose the style of your writing - you may summarize the essential issues addressed in the two papers; be a critic of the papers highlighting/comparing the strengths and weaknesses; build on the ideas discussed there; or do a mix of these. You are encouraged to incorporate issues we have discussed in the lectures. 

  1. Philip C. Hyland,  Ravi Sandhu, "Concentric Supervision of Security Applications: A New Security Management Paradigm," ACSAC 1998 (SecManParadigm1.pdf)

  2. Jan Eloff, Mariki Eloff D, "Information security management: a new paradigm," Proceedings of the 2003 annual research conference of the South African institute of computer scientists and information technologists on Enablement through technology, Pages: 130 - 136, 2003. (SecManParadigm2.pdf)

B. (25 Points) Read the Information Technology Plan Update of the University of Pittsburgh and write a critique/review. (Max two pages)

C. (25 Points) Imagine you are the Chief Information Security Officer (CISO) of the University of Pittsburgh. Check out the Information Security related pages of the University and write a short report on it (about 2 pages or more). Your goal is to ensure that appropriate information security related information is on the web (including mission, vision, SETA related, etc., that we discussed in the class). You may assume that the report will be sent out to your juniors with regards to how pleased you are in the implementation of the web portal and suggestions for improvement.

Note: The page estimates indicated are based on 11 point size font, New times roman, and 1.5 spacing.

Homework is due on Wednesday, Jan 31, 2006