Syllabus academic year 2011/2012
(Created 2011-09-01.)
COMPUTER SECURITYEIT060
Credits: 7,5. Grading scale: TH. Cycle: G1 (First Cycle). Main field: Technology. Language of instruction: The course will be given in Swedish. Compulsory for: C2, D3. Optional for: E4, E4ks, F4. Course coordinator: Dr. Martin Hell, martin.hell@eit.lth.se, Electrical and Information Technology. Recommended prerequisits: Java programming capability. Assessment: Written exam (5 hours). Laboratories and project are also required to pass the course. Parts: 3. Home page: http://www.eit.lth.se/course/eit060.

Aim
The course aims to give the students a good overview of the most relevant areas in computer security. Some areas will be addressed in more detail.

Knowledge and understanding
For a passing grade the student must

Skills and abilities
For a passing grade the student must

Judgement and approach
For a passing grade the student must

During the course you have to present and discuss your solution of home assignments and projects

Contents
Introduction: The information technology development of the last decade has made computer security to one of the major and relevant areas when it comes to the use of existing and development of new information systems. Almost daily we see in the press articles about security in computers. We can read about malware in the form of viruses and trojan horses, export control of cryptographic technology, legal data interception, or plain hacks into computers. The goal of the course is to give an overview of the main areas of computer security. Some areas are dealt with in more depth.

Foundation: General principles and definitions in computer security, identification and authentication, access control, trust and security evaluation.

Security Models: Bell-LaPadula, Biba, Clark-Wilson

Cryptographic algorithms: Encryption methods, digital signing, digital certificates, X509, notion of public-key infrastructure (PKI), marking.

Computer system Security: Operating system security, security in Unix/Linux, Windows, Java.

Security problems: Malware, attacks, buffer overflow, software security.

Distributed systems: Access control, Kerberos, firewalls, intrusion detection,

Networks: Security in the Internet and radio networks like GSM/UMTS and WLAN. Security protocols TLS, SSL, IPSEC.

Security in databases: Access control, information leakage, polyinstantiation

Literature
D. Gollman, Computer security, 3rd ed, ISBN 9780470741153

Parts

Code: 0111. Name: Examination.
Higher education credits: 3,5. Grading scale: TH. Assessment: Written examination.

Code: 0211. Name: Laboratory Work.
Higher education credits: 2. Grading scale: UG. Assessment: Active participation in laboratory work.

Code: 0311. Name: Project.
Higher education credits: 2. Grading scale: UG. Assessment: Project report plus presentation.