Information Assurance and Security

ACC 661 Auditing of Advanced Accounting Information Systems (3)

Auditing of modern complex accounting information systems. General & application controls and the design & development of generalized audit software. Auditing of operating systems and database management systems. Privacy & security of data in accounting systems. Audit of on-line systems, management systems. Prerequisite: BACC 681 and BACC 512 or equivalent. http://www.albany.edu/acc/courses/ia/acc661/

CSI 424/CSI 524 Information Security (3)

This course covers the broad spectrum of technical issues surrounding computer security and intrusion detection. Topics considered include: viruses, worms, host- and network-based vulnerabilities and countermeasures, database security, intrusion detection, and privacy and legal issues. Facilities for securing hosts and limiting vulnerability are also discussed. Unlike in a systems administration class, detailed operational issues are not discussed. Prerequisite(s): ICSI 402 or ICSI 400.

CSI 124X Computer Security Basics (3)

An introduction to security in computers and networks for a general audience. The operation of computers and networks is explained to show how they are the basis for attacks. The course will confer a basic but comprehensive understanding of how computer and network attacks (e.g., viruses, worms, denial of service) work. Also, how a general user of computers can defend her or himself from current and future attacks.

CSI 400 Operating Systems (3)

Historical overview; operating system services; mass storage file organization; memory management in multiprogrammed systems; virtual memory; resource allocation; concurrent processes; deadlock detection and prevention; security; the design of contemporary operating systems such as UNIX. Prerequisite(s): ICSI 333. http://www.cs.albany.edu/~sdc/CSI400

CSI 402 Systems Programming (3)

Programming aspects of operating systems. Topics covered include implementation of storage management, resource allocation, multi-processing, scheduling, synchronization, inter-process communication, and terminal I/O. Emphasis on projects to enhance subject understanding, problem solving, and programming skills. Prerequisite(s): Grade of C or better required in ICSI 333. Majors who declared prior to September 1, 2001 will have the grade restriction waived. Normally offered spring semester only. http://www.albany.edu/~CSI402

CSI 416 Computer Communications Networks (3)

Introduction to computer communication networks. Equal emphasis on all layers of the ISO reference model and the TCP/IP protocol suite. Topics include physical networks, sliding window protocols, remote procedure call, routing, naming and addressing, security, authentication, performance, and applications. Prerequisite(s): ICSI 402 and AMAT 367. http://www.cs.albany.edu/~maniatty/teaching/networks/index.html

CSI 424 Information Security (3)

This course covers the broad spectrum of technical issues surrounding computer security and intrusion detection. Topics considered include: viruses, worms, host- and network-based vulnerabilities and countermeasures, database security, intrusion detection, and privacy and legal issues. Facilities for securing hosts and limiting vulnerability are also discussed. Unlike in a systems administration class, detailed operational issues are not discussed. Prerequisite(s): ICSI 402 or ICSI 400. http://www.cs.albany.edu/CSI424/

CSI 426 Cryptography (3)

The making of ciphers to encode information is the subject of cryptography. This course covers the field from its origins in early historic times through its most up-to-date implementations and uses in digital computers. Various ciphers will be shown and their security assessed. This latter is known as cryptanalysis - the attempt to break a cipher in order to read the underlying message. The course will emphasize how cryptography and cryptanalysis are intimately related, and how the arms race between the two has motivated progress throughout their history. Prerequisite(s): ICSI 333 and co-registration in ICSI 403. http://www.cs.albany.edu/~dran/teaching/CSI526/CSI526.html

CSI 500 Operating Systems (4)

Introduction to operating systems. Topics include processes, concurrency, synchronization, deadlock, memory management, segmentation, paging, replacement policies, caching, interprocess communication, file systems, and protection. Heavy emphasis on abstractions, mechanisms, policies, and design. Prerequisites: ICSI 333, ICSI 310, AMAT 367 and one of ICSI 400, 402, or 404.

CSI 516-616 Computer Communications Networks I-II (3)

Introduction to computer communication networks. Equal emphasis on all layers of the ISO reference model and the TCP/IP protocol suite. Topics include physical networks, sliding window protocols, remote procedure call, routing, naming and addressing, security, authentication, performance, and applications. Prerequisites: ICSI 333, ICSI 310, and AMAT 367.

CSI 524 Information Security (3)

This course covers the broad spectrum of technical issues surrounding computer security and intrusion detections. Topics considered include: viruses, worms, host-and network-based vulnerabilities and countermeasures, database security, intrusion detection, and privacy and legal issues. Facilities for securing hosts and limiting vulnerability are also discussed. Unlike in a systems administration class, detailed operational issues are not discussed. Prerequisites: ICSI 500 or permission of instructor.

CSI 526 Cryptography (3)

The making of ciphers to encode information is the subject of cryptography. This course covers the field from its origins in early historic times through its most up-to-date implementations and uses in digital computers. Various ciphers will be shown and their security assessed. This latter is known as cryptoanalysis - the attempt to break cipher in order to read the underlying message. The course will emphasize how cryptography and cryptoanalysis are intimately related, and how the arms race between the two has motivated progress throughout their history. Prerequisites: ICSI 503 and 518.

CRJ 695 Responsible Use of Criminal Justice Information (3)

This course introduces students to the policy implications of the increased usage of information technology in criminal justice. Emphasis is on identifying issues that are important to policy makers and managers of information technology. The discussion is non-technical and the focus is on gaining a broad perspective of the role of information technology in criminal justice rather than learning specific technologies. Topics will include nature of information technology currently in use, future technology needs, legal and ethical concerns regarding information access and expected effects on organizational structure. Prerequisite: Permission of department.

INF 740 Information Security Risk Assessment (online course) (1)

This course provides students with an introduction to the field of information security risk assessment. Initially, the students will be introduced to basic definitions and nomenclature in the area of security assessment. Thereafter they will be taught different approaches for assessment of risk. The course will incorporate cases in risk analysis derived from state and law enforcement agencies. Students will learn how to use a risk analysis matrix for performing both quantitative and qualitative risk analysis. As part of the course, students learn the different threats to incorporate in their risk analysis matrices.

INF 741 Security Policies (1)

This course provides students with an introduction to information security policies. Students will be introduced to sociological and psychological issues in policy implementation in general and then provided with a focused dialogue on information security specific policies. The class discusses the entire lifecycle of policy creation and enactment and presents students with issue specific policies in different domains of security. The structure of the policy is also discussed to assist the students in design and modification of policies. Several examples from different domains are incorporated in the curriculum to assist students to learn in context of real life situations.

INF 766 Special Topics in Information Science: Risk Analysis (1-3)

Special course or seminar on a current problem, issue or development in information science. May be repeated for credit with permission of Ph.D. program director. Prerequisite: admission to Information Science Ph.D. program or permission of Ph.D. program director.

IST 560 Information and Public Policy (3)

Analysis and evaluation of public policies affecting the production, dissemination, and access to information generated by or for the federal government. Topics and issues include concepts of intellectual freedom, the public's right to be informed, freedom of information and privacy legislation, policies on dissemination of information in non-print formats, national security classification, privatizing of government information, issues of equity, and related policy matters.

PAD 511 Special Topics in Public Administration: Homeland Security Applications (1)

This class offers special topics that vary from year to year. Please refer to the latest department schedule for current offerings under this number.