-
module content
Computer systems store, process and communicate a wide variety of data. Much of this data is private and the improper access to it can be very expensive. Securing computer systems against malicious attacks or even against inadvertent damage is vital.
This module will cover computer system security at the more general policy/strategy and overall system level. It will look low level primitive mechanisms such as encryption algorithms or protocols. Practical work will involve the analysis or investigation of some security component using appropriate tools.
module description
The module covers the major threats and risks that affect the security of a network and the systems that rely on it (network security), and the major threats to data (data security). It aims to counter these threats and to minimise risks with technical mechanisms
structure
The material will be presented through a combination of lectures, tutorials/practical exercises (in groups of 25 students). Students will be expected to read around the lecture topics and to work on assignments in their own time.
This module uses a number of teaching methods to provide the student with appropriate knowledge and understanding of the material in the module. The continual practical work will assist the student in understanding the material presented and also to support the development of practical skills this module aims to achieve.
PREREQUISITES
Although it is currently indicated that there are no pre-requisites for this course, to benefit the most from the course, students taking this course are expected to have the following background:
• Basic knowledge of: Java programming, operating systems, data structures, database systems and networks.
• Basic mathematics: undergraduate mathematics, some knowledge about mathematical logic
undertaking projects, and oral exams
Topics include:
• Introduction to information security
• security models,
• access control policies,
• risk analysis
• cryptographic algorithms, public-key cryptography
• Identification authentication (smart cards, biometrics, etc)
• Public Key Infrastructure,
• secure operating systems,
• secure database systems,
• secure electronic commerce
• web security
• privacy and anonymity on web
• legal framework on information security
1. Cryptography and Network Security: Principles and Practice, 4th Edition, Upper Saddle River, NJ: Prentice Hall. ISBN 0-13-187316-4
2. William Stallings, Lawrie Brown, Computer Security: Principles and Practices, 2008, ISBN: 9780136004240
3. Pfleeger, C.P., S. L. Pfleeger, Security in Computing, Prentice Hall, 4th Edition, ISBN: 978-0132390774