IS2621/TEL2813: Security Management (Spring-08)

Tuesdays 6:00 - 8:50PM

IS 406

James Joshi

Contact Info
721, IS Building,







Due Jan 26



Due Feb 6


Lab 1

Due Feb 12


Lab 2

Pre-lab Due Feb 29

Final version


Paper Presentations on Feb 26

(Go to Reading List)


Reading List


Go to LERSAIS page

Previous course offerings


Spring 2007

Spring 2006

Spring 2005

Course Description

This course covers issues related to administration and management of security of enterprise information systems and networks. Topics include intrusion detection systems, vulnerability analysis, anomaly detection, computer forensics, application logging, auditing and data management, risk management, contingency planning and incident handling, digital immune systems, and alarms and responses. The course will study in detail principles and tools related to these topics. The course will also cover security standards, evaluation and certification process; security planning, ethical and legal issues in information; privacy, traceability and cyber-evidence;

Course Objective

The course is aimed at imparting knowledge and skill sets required to assume the overall responsibilities of administration and management of security of an enterprise information system. The course is aimed at developing capabilities to do the following:

  • Carry out a detailed analysis of enterprise security by performing various types of analysis such as vulnerability analysis, penetration testing, audit trail analysis, system and network monitoring, and configuration management.

  • Carry out detailed risk analysis and assessment of enterprise systems using various practical and theoretical tools.

  • Design detailed enterprise wide security plans and policies, and deploy appropriate safeguards (models, mechanisms and tools) at all the levels by providing due consideration to the life-cycle of the enterprise information systems and networks, as well as its legal and social environment. 


  • TEL-2300 (or equivalent)
  • IS-2150-TEL2810 or TEL-2821 or permission of the instructor

Students who have taken either of the following courses will benefit the most from this course:

  • IS2150/TEL2810 Introduction to Computer Security
  • IS2170/TEL2820 2820 Cryptography

If you have not taken either of these courses, have not taken other courses, and want to take this course, please talk to the instructor.

The course will include laboratory components hence basic knowledge of system environments (Window and Unix) will be essential. The students are expected to have adequate programming skills (C, C++ or Java).

Course Material

There is no one book that covers all the topics considered in this course. All the relevant books are still being checked to see if one can be used as the main text book. Here are some reference books that will be recommended for the course.

Additional reading list of journals and articles and NIST/GAO and federal reports will be provided.

Tentative Course Outline

Introduction to Security Management (3 Weeks)

  • Overview of security policies, models and mechanisms

  • Security Management Principles, Models and Practices

  • Security Planning and Asset Protection

  • Developing Security Programs and Disaster Recovery Plans

  • Case Studies

Risk Management (2 Weeks)

Security Analysis and Safeguards (tools and techniques) (3-4 Weeks)

  • Vulnerability analysis (Tools and Techniques)

  • Penetration testing

  • Protection Mechanisms and Incident handling

    • Access Control and Authentication architecture

    • Auditing systems and audit trail analysis

    • Configuration Management

    • Network defense and countermeasures

      • Intrusion Detection Systems (SNORT)

      • Architectural configurations and survivability issues

        • Firewall configurations and network design

        • Virtual private networks

        • Dial-up security

      • Computer and network forensic

    • Privacy Protection

  • Case studies on OS and application software (e.g., SELinux, Unix and Windows)

Standards and Security Certification Issues (2-3 Weeks)

  • Rainbow Series, Common Criteria

  • Security Certification Process

  • Case studies

National and International Security Laws and Ethical Issues (2 Weeks)

Grading (Tentative)

Homework/Quiz/Paper review/Lab/Presentation/Class/Seminar Participation 50%
Exams 20%
Paper/Project 30%

If you are having a disability for which you are or may be requesting an accommodation, you are encouraged to contact both your instructor and the Office of Disability Resources and Services (DRS), 216 William Pitt Union (412-648-7890/412-383-7355) as early as possible in the term. DRS will verify your disability and determine reasonable accommodations for this course.