Homework 1

A. (70 Points) Write an article of about 5-7 (11 point, New times roman, single spacing) pages on "Security Management" based on the papers 1 and 2. The third paper is not required but highly recommended for reading. You are free to choose the style of your writing - you may summarize the essential issues addressed in the two papers; be a critic of the papers highlighting/comparing the strengths and weaknesses; build on the ideas discussed there; or do a mix of these. You are encouraged to incorporate issues we have discussed in the lectures. 

  1. Philip C. Hyland,  Ravi Sandhu, "Concentric Supervision of Security Applications: A New Security Management Paradigm," ACSAC 1998 (SecManParadigm1.pdf)

  2. Jan Eloff, Mariki Eloff D, "Information security management: a new paradigm," Proceedings of the 2003 annual research conference of the South African institute of computer scientists and information technologists on Enablement through technology, Pages: 130 - 136, 2003. (SecManParadigm2.pdf)
  3. (Recommended reading) 2004 CSI/FBI Computer Crime and Security Survey, (Click Here - you need to register to download the paper )

A. (30 Points) Imagine you are the Chief Information Security Officer (CISO) of the University of Pittsburgh. Check out the Information Security related pages of the University and write a short report on it (about 2 pages or more). Your goal is to ensure that appropriate information security related information is on the web (including mission, vision, SETA related, etc., that we discussed in the class). You may assume that the report will be sent out to your juniors with regards to how pleased you are in the implementation of the web portal and suggestions for improvement.

Note: The page estimates indicated are based on 11 point size font, New times roman, and single spacing.

Homework is due on Wednesday, Jan 26