Syllabus 2010/2011 EIT060

Syllabus academic year 2010/2011
(Created 2010-07-25.)

COMPUTER SECURITY

EIT060

Credits: 7,5. Grading scale: TH. Cycle: G1 (First Cycle). Main field: Technology. Language of instruction: The course will be given in Swedish. Compulsory for: C2, D3. Optional for: E4, E4ks, F4. Course coordinator: Dr. Martin Hell, martin.hell@eit.lth.se, Electrical and Information Technology. Recommended prerequisits: Java programming capability. Assessment: Written exam (5 hours). Laboratories and project are also required to pass the course. Parts: 3. Home page: http://www.eit.lth.se/course/eit060.

Aim
The course aims to give the students a good overview of the most relevant areas in computer security. Some areas will be addressed in more detail.

Knowledge and understanding
For a passing grade the student must

Describe the general problems that are addressed by computer security
Classify security problems in relation to the different areas within computer security
Describe different building blocks used in computer security

Skills and abilities
For a passing grade the student must

Provide overview descriptions of systems that will add security into a technical system
Show that you are capable to perform a basic analysis of a security problem

Judgement and approach
For a passing grade the student must

During the course you have to present and discuss your solution of home assignments and projects

Contents
Introduction: The information technology development of the last decade has made computer security to one of the major and relevant areas when it comes to the use of existing and development of new information systems. Almost daily we see in the press articles about security in computers. We can read about malware in the form of viruses and trojan horses, export control of cryptographic technology, legal data interception, or plain hacks into computers. The goal of the course is to give an overview of the main areas of computer security. Some areas are dealt with in more depth.

Foundation: General principles and definitions in computer security, identification and authentication, access control, trust and security evaluation.

Security Models: Bell-LaPadula, Biba, Clark-Wilson

Cryptographic algorithms: Encryption methods, digital signing, digital certificates, X509, notion of public-key infrastructure (PKI), marking.

Computer system Security: Operating system security, security in Unix/Linux, Windows, Java.

Security problems: Malware, attacks, buffer overflow, software security.

Distributed systems: Access control, Kerberos, firewalls, intrusion detection,

Networks: Security in the Internet and radio networks like GSM/UMTS and WLAN. Security protocols TLS, SSL, IPSEC.

Security in databases: Access control, information leakage, polyinstantiation

Literature
Gollmann D.: Computer Security. second edition (ISBN 0470862939)

Parts

Code: 0111. Name: Examination.
Higher education credits: 3,5. Grading scale: TH. Assessment: Written examination.

Code: 0211. Name: Laboratory Work.
Higher education credits: 2. Grading scale: UG. Assessment: Active participation in laboratory work.

Code: 0311. Name: Project.
Higher education credits: 2. Grading scale: UG. Assessment: Project report plus presentation.