SENECA COLLEGE, TORONTO
Jan 2003 - Apr 2003
 INFORMATION SECURITY and PROTECTION of PRIVACY
http://www.mhhe.com/business/accounting/greenstein2e/ http://www.counterpane.com/ http://www.course.com/catalog/product.cfm?category=Security&subcategory=Security&isbn=0-619-06318-1
primary text
ISBN 0-07-241081-7		 reference text
ISBN 0-471-25311-1		 secondary text
ISBN: 0-619-06318-1		 secondary text
ISBN 0-471-19223-6
this course was taught in March-April 2002 - here is the old page  www.witiger.com/senecacollege/FCA240~2002.htm
As Taught by Prof. Tim Richardson School of Marketing and e-Business, Faculty of Business
. .last updated 2003 April 2
.
Section 1 Section 2 Section 3 Section 4 Section 5 Section 6
Chpt 4
E-commerce and the role of Third Parties
o Verisgn
o TRUSTe

Chpt 5
The Regulatory Environment

Privacy Issues in Canada
Bill C6

web linking
 music

search engines

Domain Name System 
o registration issues
o mktg issues

domain name disputes
Copyright on the WWW

Patents on the WWW

Guest Speaker
Lou Milrad
powerpoint

 Chpt 7 main text
+
Chpt 2 Information Security text
Risks of Insecure Systems
Internal Threats
Risks with Business Partners

Types of attacks
- Criminal Attacks
- Privacy Violations
identity theft
- Publicity Attacks
domain name hacking
- Legal Attacks
- Internal threats

hacking video
 

Data Interception

Viruses

DNS - Denial of
Service Attacks

 Internet Security
Standards

RSA Security

SANS Institute

Chpt 8
Risk Management
- Penetration Testing
- (Tiger Teams)
Threat Modeling & Risk Assessment

Security Policies
and Countermeasures
- Deterrence
- Honey Pots
- Patches

Security
Processes
.compartmentalize
.secure weak link
.use choke points
.defense in depth
.enlist users
.detect attacks

IT Security Audit

Organizational Liability		 Mar 19 Guest Speaker
         Mr. John Florinis
powerpoint Scotiabank

Chpt 10
Cryptography
and Authentification
Cryptography Video
Identification
and Authentification
.Confidentiality
.Integrity
.Authentification
.Non-repudiation

Access Controls

Encryption
Techniques

Key Management
56 bit / 128 bit key

Public Key
Private Key
Encryption

Digital Signatures
Certificate Authorities

email security
. PGP . PEM
Wireless security
RSA & Wireless		 Chpt 11
Firewalls
Firewall Unit

Components of a
Firewall

Functionality

Securing the
Firewall
-policy
-administration

Firewall Limitations

Intrusion Investigation

Chpt 12
E-payment systems

Chpt 14
marketing issues
o web contests and Sweepstakes Promotions
 

 This section is additional supplementary
material

Industry
Associations

Gov't response
to intrusion and threats

National Government Involvement in internet crime and e-business security

CSIS
RCMP
FBI
- Carnivore
Echelon

The Nigerian Scam
scams

Professional
Security
Service
Companies
Jan 8th
Jan 15th
Jan 22nd		 Jan 27 guest speaker
Jan 29 Assg #1 due 
Feb 5 Quiz # 1
Feb 5 Hacking Video
Feb 12		 Feb 19.
Feb 19 Assg #2 due 
Feb 26 no class 
-break week
Mar 5 no class / snow
Mar 12 Guest Speaker
         Mr. Sean Rooney
 www.coldstream.ca		 Mar 19 Guest Speaker
         Mr. John Florinis
powerpoint Scotiabank
Mar 26 Quiz # 2 
Mar 26 Assg #3 due		 Apr 2 M-Choice Quiz # 3
Apr 9
Apr 16 Assg #4 due 		 .
.
.
Every Student should read Seneca's policy on Cheating and Plagiarism.
Cheating and Plagiarism are serious offences.
http://www.senecac.on.ca/home/academic_policy/appe.html		 If you are caught cheating you might receive "0" on the exam, or project, or, you could fail the course. In some cases for serious cheating offences, students have been kicked out of the college.

Most students understand cheating. Plagarism is more subtle, but also a serious offence.
Plagarism includes copying any work, that is not your's, and submitting it for grading, without making reference to the fact that it came from another source. 

Prof. Richardson wishes to remind you that If you "cut and paste" phrases and sentances off the Internet, without using ".", or without saying what URL it came from, this is considered plagarism. If you copy work from another student's website, and submit this for grading, it is also considered cheating, unless you have permission, and say what site it came from.
 
Teachers are trained to catch the most sophisticated and unusual cheating methods - DO NOT try to cheat, there is a very high chance you will be caught.

Tim.Richardson@senecac.on.ca