Module Title:   Security, Privacy and Data Protection

Module Credit:   20

Module Code:   CM-1052D

Academic Year:   2015/6

Teaching Period:   Semester 1

Module Occurrence:   A

Module Level:   FHEQ Level 7

Module Type:   Standard module

Provider:   Computer Science

Related Department/Subject Area:   SCIM (Dept of Computer Science)

Principal Co-ordinator:   Dr A. J. Cullen

Additional Tutor(s):   Prof I. U. Awan

Prerequisite(s):   None

Corequisite(s):   None

To develop a comprehensive understanding of the underlying technologies of secure systems and a critical awareness of the inherent risks and related privacy issues of their use in business.

Learning Teaching & Assessment Strategy:
Formal input provided by lectures, supported by practical examples from videos, visiting speakers and readings (LO1, LO2). Case studies used, where appropriate, to illustrate issues raised by electronic systems used in business (LO3a, LO3b). Assessment by group presentation, individual report and examination takes account of issues relevant to industry and the theoretical material discussed in class (LO1, LO2, LO3a, LO3b). Supplementary assessment is as original, with the exception of the group presentation replaced with an individual piece of work (2000 words).

Lectures:   12.00          Directed Study:   174.00           
Seminars/Tutorials:   12.00          Other:   0.00           
Laboratory/Practical:   0.00          Formal Exams:   2.00          Total:   200.00

On successful completion of this module you will be able to...

Demonstrate an advanced understanding of the nature of secure systems within an organisation and the technical, legal and business issues involved.

On successful completion of this module you will be able to...

Demonstrate advanced skills to deal with the complex issues involved in effectively implementing electronic systems in business whilst identifying and minimising the security risks.

On successful completion of this module you will be able to...

(a) have further advanced your skills of research, problem-solving and communication. (b) Be a self-directed, independent learner who shows initiative and personal responsibility.

  Coursework   50%
  Coursework (individual report - 2000 words, and group presentation - 30 minutes)
  Examination - closed book 2.00 50%
  2 hour examination

Supplementary Assessment:
As Original

Outline Syllabus:
Issues involved in bringing computer security into an organisation. Managing the security function within an organisation. Risks involved with using electronic systems. Business and legal principles. The implementation of information security systems taking account of cybercrime and the cybercriminal. General legislation, data protection and regulation. Social engineering. Theoretical security models. Critical examination and analysis of case study material and current research papers/reports. The participation of visiting speakers to provide an industrial perspective on current and up to date security issues in the workplace.
Reading List:
Panko, R., R., (2010). Corporate computer and network security, 2nd ed, Pearson Education, Upper Saddle River.
Dhillon, G., (2007), Principles of information systems security : text and cases, John Wiley & Sons, Hoboken.
Smith, G., E., (2004), Control and security of e-commerce, Wiley, Hoboken.
Ford, W., (2001), Secure electronic commerce : building the infrastructure for digital signatures and encryption, 2nd ed, Prentice Hall PTR, Upper Saddle River.
Ghosh, A., K., (1998), E-commerce security : weak links, best defences, John Wiley, New York.

NB: This may be subject to change and an updated list can be found via the library catalogue at:

Version No:  5