Module Information

Module Identifier
CSM3120
Module Title
Modelling, Managing and Securing Data
Academic Year
2017/2018
Co-ordinator
Semester
Semester 1
Other Staff

Course Delivery

Delivery Type Delivery length / details
Lecture 20 x 2 Hour Lectures
Practical 5 x 2 Hour Practicals
 

Assessment

Assessment Type Assessment length / details Proportion
Semester Exam 2 Hours   Written Examination  50%
Semester Assessment 4,000 word report on security issues  50%
Supplementary Exam Resubmission of failed/nonsubmitted components or others of equivalent value.  100%

Learning Outcomes

On successful completion of this module students should be able to:

1. Design and structure databases appropriate to given problems, identifying potential issues of data persistence, resilience, security and verification of systems that process the data.

2. Evaluate the legal,social,ethical and professional issues involved in handling data.

3. Explain the structure of Internet and Distributed systems and the technologies and protocols behind them.

4. Identify potential security issues with specific types of computer systems and the data they contain, and suggest mitigating strategies.

Aims

This module gives students a technical understanding of the computing issues relevant to data handling and security. It forms a firm foundation for later modules on practical issues in information security (MSc Security) and in data mining (MSc Data Science).

Brief description

Many of the issues with the storing and handling of data are process-based. The data is not represented or stored appropriately, or ad hoc processes are used to
produce results, or insufficient thought is put into how the data is made available or to whom. The module will look at a range of issues related to performance and security in the context of computer systems. It will address not only confidentiality and privacy of data but also the integrity of data and guaranteeing reproducible
results.

Content

1. Introduction to data handling: modelling, processing, and security. Case studies of issues in handling data. 4 hours.

2. Social,legal and professional issues with data and software. People in the system. Business drivers for software systems. Overview of relevant computer law. Quality Assurance and software engineering. Ideas of security, resilience, testing,maintenance. 8 hours.

3. Relational modelling and data storage. Persistent storage. Entities and relationships. Primary and foreign keys. Referential integrity. Relational algebra. Data normalisation. Overview of SQL. Validating a design. 8 hours.

4. Distributed systems, structure of the Internet and how it works: Internet architectures, domains, TCP/IP, OSI,Internet Security Protocols; Tunnelling; VPNs; network attack and defence; TLS; Non IP Protocols & Standards. 8 hours.

5. Application Security issues: Email,web, social networks, ORM, Database security, Big Data security, identity management, programming issues. Physical security. 6 hours.

6. Cryptography and system security: Cipher and algorithm types; applications to confidentiality, integrity and authentication; PKI AES and RSA; Key management; Digital Signatures. Authentication (secrets, tokens, biometrics); Access Control (MAC, DAC, RBAC) and Privilege management; 6 hours.

Module Skills

Skills Type Skills details
Application of Number Inherent to subject
Communication Through assignment
Improving own Learning and Performance Inherent to subject
Information Technology Inherent to subject
Personal Development and Career planning Encourages students to see roles in subject for career and personal development
Problem solving Inherent to subject
Research skills Inherent to subject
Subject Specific Skills Technical skills related to internet systems and security
Team work No

Notes

This module is at CQFW Level 7