IT-Universitetet i København
 
  Tilbage Kursusoversigt
Kursusbeskrivelse
Kursusnavn (dansk):Systemarkitektur og -sikkerhed 
Kursusnavn (engelsk):System Architecture and Security 
Semester:Efterår 2009 
Udbydes under:cand.it., softwareudvikling og -teknologi (sdt) 
Omfang i ECTS:7,50 
Kursussprog:Engelsk 
Kursushjemmeside:https://blog.itu.dk/SSAS-E2009/ 
Min. antal deltagere:12 
Forventet antal deltagere:20 
Maks. antal deltagere:80 
Formelle forudsætninger:Before taking this course:
  • You have implemented at least two medium-size programming projects (7.5 ECTS each)

  • You are able to design, implement, and test medium-sized programs in Java or C#

  • You know basic algorithms and data structures (simple data structures like lists and queues, and data structures for dictionaries)


One way to obtain these prerequisites is by following the IT University modules Object Oriented programming - Introduction (SOPI) and Performance&Test (SPT). If you are an external student you preferably had followed a basic programming and an introductory data structures course.

It is an advantage, but not a requirement, to know some basics of database programming (basic SQL) and web-programming. 
Læringsmål:In this course you learn the following high-level skills:
  • to understand the role of software security and quality in IT Governance

  • to define, evaluate and discuss security requirements for the software you develop

  • to identify security threats for the software you develop

  • to design and evaluate security of software architectures

  • to apply security mechanisms provided by network components, operating systems and hardware to develop secure software

  • to analyze information security

In this course you learn the following low-level skills:
  • to design and implement secure software components, including software for the web, and database backed systems

  • to identify secure communication protocols for your needs

  • to design and deploy authentication solutions

  • to design and deploy encryption solutions

  • to audit Java code for security problems (and other code provided you know the programming platform used to develop it)

  • to use security audit tools for source code (and to a limited extent for networking)

  • to use software maintenance processes and tools to maintain security of software.

  • to track and respond to security advisories for software and hardware components you use

 
Fagligt indhold:The course focuses on development of high quality and secure software systems.
This includes aspects of software architecture, development process and methods, operating systems, hardware, cryptography, networking, protocols, databases and programming, each only as deeply as relevant for security.
Our focus is more on creating high quality secure software, than on securing insecure software.

We shall discuss:

  • security mechanisms in operating systems and hardware (authentication, access privileges, dropping privileges, memory protection) security in networking, including modern layered networking architecture
  • authentication and encryption, secure protocols, information secrecy
  • creating high quality software - development process and methods
  • testing and security
  • methods for development of secure web applications
  • SOA architecture and security
  • vulnerabilities and attacks
 
Læringsaktiviteter:14 ugers undervisning bestående af forelæsninger og øvelser

------------------------------------

Se hvordan undervisningen er tilrettelagt her:
link til skemaoplysninger
Skemaoplysningerne vil være tilgængelige fra kort før semesterstart.

See the schedule here:
link to the time table
The schedule will be available shortly before the beginning of the term.

-------------------------------------

Information om studiestruktur / Information about study structure

Dette kursus er en del af SDT's obligatoriske moduler, som du kan finde beskrevet her: SDT studiestruktur
For at blive cand.it. i SDT skal du bestå SDT's backbonekurser, og desuden gennemføre en 22,5 ECTS specialisering samt to 7,5 ECTS valgfag.

This course is part of the SDT mandatory modules - find them described here:
SDT study structure
In order to graduate as a MSc in SDT, you need to pass the SDT backbone courses, and also take a 22,5 ECTS specialization and two 7,5 ECTS electives.
 

Eksamensform og -beskrivelse:X. experimental examination form (7-scale; external exam), 7-trins-skala, Ekstern censur

 

Litteratur udover forskningsartikler:Software Security: Building Security in
Gary Mac Graw
Addison-Wesley Software Security Series


24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them (Paperback)
by Michael Howard (Author), David LeBlanc (Author), John Viega (Author)
# Publisher: McGraw-Hill Osborne Media; 1 edition
 
 
Afholdelse (tid og sted)
Kurset afholdes på følgende tid og sted:
UgedagTidspunktForelæsning/ØvelserStedLokale
Fredag 10.00-12.00 Forelæsning ITU 4A16 (Lectures 11-13)
Fredag 13.30-15.30 Øvelser ITU 4A56, 4A58

Eksamen afholdes på følgende tid og sted:
EksamensdatoTidspunktEksamenstypeStedLokale
2009-12-16 Før kl. 15 Skriftlige arbejder ITU Lokale oplyses senere
2010-01-05 Kontakt kursusansvarlig Mundtlig eksamen ITU Aud 4
2010-01-06 Kontakt kursusansvarlig Mundtlig eksamen ITU Aud 4