Security, Privacy and Trust Management - CO834

Module delivery information

Location: (version 5)
Term: Spring
Level [1]: 7
Credits (ECTS) [2]: 15 (7.5)
Current Convenor [3]: PROF S Li
2020 to 2021: ✓


This module investigates the whole process of security management and associated activities such as privacy and trust management. A holistic view of security management is taken, including risk management, the formulation of security policies, business continuity and resilience.
Technical subjects include a description of the various security models, and showing how authorisation policies can be automatically enforced. There is also an emphasis on trust and reputation in systems. The legal and privacy issues associated with information management are also addressed, as are the usability issues of security technologies.


Contact hours

Total contact hours: 42 (22 hours lectures, 20 hours seminars)
Private study hours: 108
Total study hours: 150

Method of assessment

Group presentations (20%)
Final essay (30%)
Examination, 2 hours (50%)

Indicative reading

(Indicative list, current at time of publication. Reading lists will be published annually)
Anderson, R. (2008). Security Engineering. 2nd Edition. Wiley. Available free from
Pfleeger, CP. (2015). Security in Computing. 5th edition. Prentice Hall.
Alexander, D., Finch, A., & Sutton, D. (2013). Information Security Management Principles. BCS.
Smith, S. (2005). Trusted Computing Platforms. Springer. ISBN 0-387-23916-2.
Various RFCs, standards and research papers associated with the syllabus.
Further readings are provided with each lecture.

Learning outcomes

On successfully completing the module students will be able to:
8.1 An awareness of the importance of taking a systems-wide approach to maintaining cyber security, and the role of security and privacy risk management.
8.2 An increased understanding of the motivation, design, operation and management of modern systems for security, privacy, and trust management, including awareness of relevant human factors especially usability issues.
8.3 An awareness of legal issues on security, privacy and data protection, and relevant security (management) standards.
8.4 The ability to analyse the security and privacy/data protection requirements of an organisation.
8.5 The ability to apply modern security and privacy by design principles to develop solutions to real world secure systems problems.
8.6 Awareness of appropriate processes, techniques and tools for developing and managing security and privacy protection systems including those for trust and reputation management.
8.7 A basic understanding of business continuity planning and management, incident response and cyber resilience.

9. The intended generic learning outcomes.
On successfully completing the module students will be able to:
9.1 The ability for critical thinking, reasoning and reflection.
9.2 The ability to produce a specification of the operation of a complex system based on an understanding of the component parts.
9.3 The ability to undertake critical appraisal of a candidate system design and reflect upon its merits.
9.4 The ability to generate, analyse, present and interpret data.
9.5 The use of Information and Communications Technology.
9.6 Personal and interpersonal skills, and working as a member of a team.
9.7 To communicate effectively (in writing and verbally).
9.8 Learn effectively for the purpose of continuing professional development.
9.9 The ability to manage time and resources within a potentially complex problem domain.


  1. Credit level 7. Undergraduate or postgraduate masters level module.
  2. ECTS credits are recognised throughout the EU and allow you to transfer credit easily from one university to another.
  3. The named convenor is the convenor for the current academic session.
