M.Sc. in Information Security

IY5601 - Application and Business Security Developments

This is an optional course within the Royal Holloway MSc in Information Security.

The Course Description Sheet provides details of the delivery and assessment methods for this course.

Copies of the lecture presentations for the 2005/06 academic year are now available:

• Part A: Introduction to application security design.
• Part B1: Payment and e-commerce applications (Part 1, slides 1-82).
• Part B2: Payment and e-commerce applications (Part 2, slides 83-156).
• Part B3: Payment and e-commerce applications (Part 3, slides 157-223).
• Part B: Payment and e-commerce applications (complete, slides 1-223).
• Part C1: Web Services security (Part 1). [This lecture was prepared by Allan Tomlinson].
• Part C2: Web Services security (Part 2). [This lecture was prepared by Allan Tomlinson].
• Part C3: Web Services security (Part 3). [This lecture was prepared by John MacDonald].
• Part D1: Identity management (Part 1, slides 1-65).
• Part D2: Identity management (Part 2, slides 66-141).
• Part D3: Identity management (Part 3, slides 142-200).
• Part D: Identity management (complete, slides 1-200).
• Part E: Risk assessment for application security. [This lecture was prepared by Lizzie Coles].

This course has the following associated mandatory coursework.

• Coursework B: Payment and e-commerce applications. The deadline for submitting this coursework was Friday February 10th 2006. Worked solutions are now available.
• Coursework C: Web services security. The deadline for submitting this coursework was Friday March 17th 2006. Worked solutions are now available.
• Coursework D: Identity management. This is provided for revision purposes only.

Please submit all coursework by email, as a pdf attachment, to C.Mitchell@rhul.ac.uk.

Links of potential use for this course are as follows

• Copies of the EMV standards, and related documentation, are available from the EMVCo site.
• The Internet (IETF) documents, including current drafts, are all available at the IETF home page. However, expired drafts are not available via this site - fortunately, they are available on the web here.
• For information regarding published ISO standards, see the ISO web site. Note that those ISO standards that are publicly available (only a small number I'm afraid) are available here.

Other security links (including a range of links to security standards pages) are available from Chris Mitchell's home page.

Footnotes

This page was created by Chris Mitchell. Please email all comments and corrections to C.Mitchell@rhul.ac.uk. This page was most recently updated on 6/5/06.

Back to the ISG home page, Back to Royal Holloway Home Page