Information Security

(Sist oppdatert: $Date$)


General arrangements and requirements


Portfolio assignment

Weekly Sessions

We have one 4h and one 2h session per week. The sessions will be more or less interactive, and active participation is essential to learn the material. The 4h session will combine lecturing, discussions and various forms of group work, with lecturing. For these session it is essential that you bring

Assessment and Mandatory Coursework

The assessment is based on a portfolio submitted at the end of term, including a number of mandatory exercises previously submitted, and a longer report.

As a general rule, there is a mandatory submission every week, with deadline Monday morning 6.00am in fronter. There might some odd weeks without a submission.

The mandatory exercises must be submitted on time. I may accept one -1- slip per student, but if you slip up twice you'll need a medical note to be examined this semester. These exercises will normally be subject to discussion in class, and you are allowed to revise them prior to the end-of-term portfolio submission.


No lecture tomorrow (31 October 2011)

Tomorrow, I recommend a lecture in Naftadjupet at 11.00am, on how to get work in the Maritim Industry.

There will be no lecture, as I covered the material today, and to avoid conflict with the other talk.

Changing portfolio topic (31 October 2011)

If you change your mind about the topic for the final exercise, you may change it, but you need my approval for whatever the new topic is, and your (revised) proposal should include an outline for your report.

Guest lecture(s) (26 October 2011)

On Tuesday 8 November (usual time) there will be a guest lecture by Ms. Monica Juliebø. Her company delivers software solutions and training for public sector, including a risk management module. This module covers risk in general, including information risk. She will give an overview of the challenges her clients face in terms of security, and explain how their software is used to support risk management.

I also expect a guest lecture in the last week, but this has yet to be finalised with the speaker.

Selected topic for portfolio (24 October 2011)

I have seen many good topics, but few have suggested an outline for their report. There is always a risk in such an exercise of considering too broad a topic, making a vague and shallow report attempting to cover to much.

Consequently, I would suggest that most of you write an outline early in the process, and present it to me asking for feedback. This is just an offer if you want it. I might be able to suggest some elements to include in a good report, or just confirm your own approach.

Exercise example (17 October 2011)

After popular demand, I have created a crude example of part of an answer for Ex. 6.

End of Semester (23 September 2011)

The deadline for final submission of the portfolio has been set for 28 November 2011 (end of day). This has to be submitted both in Fronter and in two hardcopies for the student administration. The latter is a requirement in the college regulations that I was not aware of before.

The portfolio will include all the weekly exercises, as well as one slightly longer exercise on a topic of your choice (details to follow). A specification of your selected task will have to be submitted by 24 October, as a normal weekly exercise.

The last lecture will be Monday 14 November. On Thursday 24 November 9-11am, I shall be available in my office for any last minute questions about the portfolio. I will be out of town 17-23 November.

Core textbooks (23 August 2011)

The problem

There seems to have been a bit of misunderstanding with the library and bookshop about the core textbooks. The Norwegian handbook is available both in the library and the bookshop, but the American ones are not.

The bookshop will order some copies of Whitman and Mattord, but I gather most of you will use online store anyway. Apparently they have had little sales for computing textbooks in the past, for that very reason.

I am checking out what has happened at the library. It is possible that it is only the delivery time which is long. I'll keep this page posted. Hopefully, they will get them in the near future.


If you have trouble finding the right textbook at the right time, please remember that all of the information is available from other sources. The standards documents on the reading list are important and obviously, and should be at the centre of your reading alongside lecture notes.

Random web pages as well as wikipedia are often very good, but it may be very difficult to assess there credibility. If you can match such sources against others to validate them, you will know when to trust them. This requires advanced study techniques which are well worth aquiring as you may need them in your professional career.

If you need any help in assessing given sources, please ask...

And by the way

There is a second title by Whitman and Mattord available in the bookshop: Management of Information Security which looks like a good one. That is, I want to read it myself. It seems to reuse much of the material from their other book, and might fit the course as well.

Hans Georg Schaathun /