Course syllabus

Datasäkerhet
Computer Security

EITA25, 7,5 credits, G1 (First Cycle)

Valid for: 2019/20
Decided by: PLED C/D
Date of Decision: 2019-04-01

General Information

Main field: Technology.
Compulsory for: C2, D3
Elective for: BME4, E4, F4, I4
Language of instruction: The course will be given in Swedish

Aim

The course aims to give the students a good overview of the most relevant areas in computer security. Some areas will be addressed in more detail.

Learning outcomes

Knowledge and understanding
For a passing grade the student must

Competences and skills
For a passing grade the student must

Judgement and approach
For a passing grade the student must

During the course the student should be able to discuss solutions to the projects.

Contents

Introduction: The information technology development of the last decade has made computer security to one of the major and relevant areas when it comes to the use of existing and development of new information systems. Almost daily we see in the press articles about security in computers. We can read about malware in the form of viruses and trojan horses, export control of cryptographic technology, legal data interception, or plain hacks into computers. The goal of the course is to give an overview of the main areas of computer security. Some areas are dealt with in more depth.

Foundation: General principles and definitions in computer security, identification and authentication, access control, trust and security evaluation.

Security Models: Bell-LaPadula, Biba, Clark-Wilson, Chinese wall.

Security evaluation: Orange Book, ITSEC, Common Criteria.

Cryptographic algorithms: Encryption methods, hash algorithms, digital signing, digital certificates, X509, notion of public-key infrastructure (PKI).

Computer system Security: Operating system security, security in Unix/Linux, Windows, Java.

Security problems: Malware, attacks, buffer overflow, software security.

Distributed systems: Access control, Kerberos, firewalls, intrusion detection, key distribution.

Networks: Security in the Internet and radio networks like GSM/UMTS and WLAN. Security protocols TLS, SSL, IPSEC.

Security in databases: Access control, information leakage and inference.

The course also includes two projects. The result will be summarized in a technical report and also presented on a seminar.

The course is primarily given in Swedish, but som parts of the course might be given in English.

Examination details

Grading scale: TH - (U,3,4,5) - (Fail, Three, Four, Five)
Assessment: Laboratories, projects and online home assignments are required for grade 3 and passing the course. In addition, grade 4 or 5 can be obtained from an optional written exam. Approved home assignments are required for taking the written exam.

The examiner, in consultation with Disability Support Services, may deviate from the regular form of examination in order to provide a permanently disabled student with a form of examination equivalent to that of a student without a disability.

Parts
Code: 0117. Name: Laboratory Work.
Credits: 2. Grading scale: UG. Assessment: Active participation in laboratory work.
Code: 0217. Name: Project.
Credits: 2. Grading scale: UG. Assessment: Project report plus presentation.
Code: 0317. Name: Examination.
Credits: 3,5. Grading scale: TH. Assessment: Online home assignments. For grade 4 or 5 a written exam is required.

Admission

Required prior knowledge: EDA011/EDAA50, EDA016/EDAA45 or EDA017/EDAA55 Programming, First Course.
The number of participants is limited to: No
The course overlaps following course/s: EIT060

Reading list

Contact and other information

Course coordinator: Dr. Martin Hell, martin.hell@eit.lth.se
Course homepage: http://www.eit.lth.se/course/eita25