ICOM6045A - Fundamentals of e-commerce security

Semester 1, 2022-23

Professor	K. P. Chow
Teaching assistant	[TBA]
Syllabus	This course provides an in-depth understanding of basic security problems and relevant e-commerce solutions, while helping students implement today’s most advanced security technologies, such as designing secure Web, e-commerce, and mobile commerce applications, securing corporate internal network, and providing secure employee/user authentication.  Key topics include: Security mechanisms, key management and certificates, payment security services, communication network and network access layer security, Internet layer security and transport layer security, application layer security, hypertext transfer protocol, web server security, web client security, mobile code security, mobile agent security, mobile commerce security. Mutually exclusive with: COMP7906 Introduction to cyber security
Learning Outcomes	Course Learning Outcomes Relevant Programme Learning Outcome CLO1. Be able to understand basic security problems and relevant e-commerce solutions PLO. 7, 8, 9 CLO2. Be able to analyse the security risk of a e-commerce system and apply security measures accordingly PLO. 7, 9, 11, 16 CLO3. Be able to understand and implement today's most advanced security technologies PLO. 7, 8, 9, 10, 11 View Programme Learning Outcomes
Topics covered	Course Content No. of Hours Course Learning Outcomes 1. Introduction and cryptography 3.0 CLO1 2. Access control 3.0 CLO2 3. Public key cryptography 3.0 CLO2 4. PKI & communication security 3.0 CLO2 5. Internet layer security 3.0 CLO2 6. Security architecture case study 3.0 CLO2, CLO3 7. Threat assessment and security testing 3.0 CLO2, CLO3 8. HTTP security and web security 3.0 CLO1, CLO2 9. Mobile code and mobile commerce security 3.0 CLO2, CLO3 10. Project discussion and course review  3.0 CLO1, CLO2, CLO3
Assessment	Description Type Weighting * Tentative Assessment Period / Examination Period ^ Course Learning Outcomes Assignments Continuous Assessment 40% - CLO1, CLO2, CLO3 Written examination covering all the taught contents in the course Written Examination 60% 8 - 23 December 2022 CLO1, CLO2, CLO3 * The weighting of coursework and examination marks is subject to approval ^ The exact examination date uses to be released when all enrolments are confirmed after add/drop period by the Examinations Office.  Students are obliged to follow the examination schedule.  Students should NOT enrol in the course if they are not certain that they will be in Hong Kong during the examination period.  Absent from examination may result in failure in the course. There is no supplementary examination for all MSc curriculums in the Faculty of Engineering.
Course materials	Dieter Gollmann, Computer Security, Wiley; 3 edition.
Session dates	Date Time Venue Remark Session 1 18 Oct 2022 (Tue) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 2 20 Oct 2022 (Thu) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 3 25 Oct 2022 (Tue) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 4 27 Oct 2022 (Thu) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 5 1 Nov 2022 (Tue) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 6 8 Nov 2022 (Tue) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 7 15 Nov 2022 (Tue) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 8 22 Nov 2022 (Tue) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 9 29 Nov 2022 (Tue) 7:00pm - 10:00pm CYC-P1 Face-to-face Session 10 30 Nov 2022 (Wed) 7:00pm - 10:00pm CYC-P1 Face-to-face CYC - Chong Yuet Ming Chemistry Building
Add/drop	1 September, 2022 - 20 October, 2022
Maximum class size	110