Module 26265 (2013)

Syllabus page 2013/2014

06-26265
Introduction to Computer Security

Level 2/I

Tom Chothia
10 credits in Semester 2



The Module Description is a strict subset of this Syllabus Page. (The University module description has not yet been checked against the School's.)

Relevant Links

Further information about this module can be found on the module web page.


Outline

The module will introduce a range of topics in computer security, including attacks, vulnerabilities and defences. Both theory and practice are covered.


Aims

The aims of this module are to:

  • introduce the basic terminology, concepts, and standards of computer security
  • familiarise students with the main approaches, algorithms, and protocols used to secure computer systems
  • introduce the basic concepts of website and network security
  • provide a basic knowledge of information security laws and regulations

Learning Outcomes

On successful completion of this module, the student should be able to:

  1. describe the basic concepts of computer security (assessed by: Examination, Continuous Assessment)
  2. demonstrate an understanding of the threats to data stored on a computer, or being sent between computers, and apply techniques to secure that data (assessed by: Examination, Continuous Assessment)
  3. identify security risks, and suggest appropriate solutions (assessed by: Examination, Continuous Assessment)

Restrictions, Prerequisites and Corequisites

Restrictions:

None

Prerequisites:

None

Co-requisites:

None


Teaching

Teaching Methods:

Two one-hour lectures per week for eleven weeks, plus eleven two-hour weekly lab sessions.

Contact Hours:

44


Assessment

  • Sessional: 1.5 hr examination (80%), continuous assessment (20%).
  • Supplementary (where allowed): By 1.5 hr examination only (100%).

Recommended Books


Detailed Syllabus

  1. Cryptography
    • Symmetric Ciphers, Asymmetric Ciphers, Block cipher modes
    • Encryption in Java
    • Hash functions and password security
  2. Protocols
    • The Diffie-Hellman protocol
    • Key establishment protocols, and their aims
  3. Web security
    • Common web attacks, SQL injection, XSS, CSRF
    • Protecting websites from attack
  4. Application security
    • Memory exploits and buffer overflows
    • Software security
  5. Common Threats and Defences
    • Malware, Botnets
    • Firewalls and security tools
  6. Information Security Policy
    • Standards: e.g. PCI-DSS, ISO 27001
    • Laws: e.g. The Computer Misuse Act, The Data Protection Act

Last updated: 9 July 2013
