Course syllabus

Datasäkerhet
Computer Security

EIT060, 7,5 credits, G1 (First Cycle)

Valid for: 2014/15
Decided by: Education Board A
Date of Decision: 2014-04-07

General Information

Main field: Technology.
Compulsory for: C2, D3
Elective for: E4, F4
Language of instruction: The course will be given in Swedish

Aim

The course aims to give the students a good overview of the most relevant areas in computer security. Some areas will be addressed in more detail.

Learning outcomes

Knowledge and understanding
For a passing grade the student must

• Describe the general problems that are addressed by computer security
• Classify security problems in relation to the different areas within computer security
• Describe different building blocks used in computer security

Competences and skills
For a passing grade the student must

• Provide overview descriptions of systems that will add security into a technical system
• Show that you are capable to perform a basic analysis of a security problem

Judgement and approach
For a passing grade the student must

During the course the student should be able to discuss solutions to the projects.

Contents

Introduction: The information technology development of the last decade has made computer security to one of the major and relevant areas when it comes to the use of existing and development of new information systems. Almost daily we see in the press articles about security in computers. We can read about malware in the form of viruses and trojan horses, export control of cryptographic technology, legal data interception, or plain hacks into computers. The goal of the course is to give an overview of the main areas of computer security. Some areas are dealt with in more depth.

Foundation: General principles and definitions in computer security, identification and authentication, access control, trust and security evaluation.

Security Models: Bell-LaPadula, Biba, Clark-Wilson, Chinese wall.

Security evaluation: Orange Book, ITSEC, Common Criteria.

Cryptographic algorithms: Encryption methods, hash algorithms, digital signing, digital certificates, X509, notion of public-key infrastructure (PKI).

Computer system Security: Operating system security, security in Unix/Linux, Windows, Java.

Security problems: Malware, attacks, buffer overflow, software security.

Distributed systems: Access control, Kerberos, firewalls, intrusion detection, key distribution.

Networks: Security in the Internet and radio networks like GSM/UMTS and WLAN. Security protocols TLS, SSL, IPSEC.

Security in databases: Access control, information leakage and inference.

Examination details

Grading scale: TH
Assessment: Written exam (5 hours). Laboratories and project are also required to pass the course.

Parts
Code: 0111. Name: Examination.
Credits: 3,5. Grading scale: TH. Assessment: Written examination.
Code: 0211. Name: Laboratory Work.
Credits: 2. Grading scale: UG. Assessment: Active participation in laboratory work.
Code: 0311. Name: Project.
Credits: 2. Grading scale: UG. Assessment: Project report plus presentation.

Admission

Required prior knowledge: Java programming capability.
The number of participants is limited to: No

Reading list

• D. Gollman: Computer security, 3rd ed. ISBN: 9780470741153.

Contact and other information

Course coordinator: Dr. Martin Hell, martin.hell@eit.lth.se
Course homepage: http://www.eit.lth.se/course/eit060