IT-Universitetet i København
 
Course description
Course name (Danish): Systemarkitektur og -sikkerhed
Course name (English): System Architecture and Security
Semester: Autumn 2010
Offered under: MSc in IT (cand.it.), Software Development and Technology (SDT)
ECTS credits: 7.50
Course language: English
Course homepage: https://blog.itu.dk/SSAS-E2010/
Min. number of participants: 12
Expected number of participants: 20
Max. number of participants: 80
Formal prerequisites: Before taking this course:
  • You have implemented at least two medium-size programming projects (7.5 ECTS each)

  • You are able to design, implement, and test medium-sized programs in Java or C#

  • You know basic algorithms and data structures (simple data structures like lists and queues, and data structures for dictionaries)


One way to obtain these prerequisites is by following the IT University modules Object Oriented Programming - Introduction (SOPI) and Performance & Test (SPT) or Foundations of Computing - Algorithms and Data Structures. If you are an external student, you should preferably have followed a basic programming course and an introductory data structures course.

It is an advantage, but not a requirement, to know some basics of database programming (basic SQL) and web-programming. 
Learning objectives: After the course students should be able to:

  • discuss the role of software security and quality in IT Governance

  • define, evaluate and discuss security requirements for the software you develop

  • identify security threats for the software you develop

  • design and evaluate security of software architectures

  • apply security mechanisms provided by network components, operating systems and hardware to develop secure software

  • analyze information security

  • design and implement secure software components, including software for the web, and database backed systems

  • identify secure communication protocols for your needs

  • design and deploy authentication solutions

  • characterize encryption solutions

  • audit code for security problems

  • use security audit tools for source code (and to a limited extent for networking)

  • use software development processes and tools to build security into software

  • track and respond to security advisories for software and hardware components you use

 
Course content: The course focuses on the development of high-quality and secure software systems.
This includes aspects of software architecture, development process and methods, operating systems, hardware, cryptography, networking, protocols, databases and programming, each only as deeply as relevant for security.
Our focus is more on creating high-quality secure software than on securing insecure software.

We shall discuss:

  • security mechanisms in operating systems and hardware (authentication, access privileges, dropping privileges, memory protection)
  • security in networking, including modern layered networking architecture
  • authentication and encryption, secure protocols, information secrecy
  • creating high quality software - development process and methods
  • testing and security
  • methods for development of secure web applications
  • SOA architecture and security
  • vulnerabilities and attacks
 
Learning activities: 14 weeks of teaching consisting of lectures and exercises

In teams, you have to design and implement an application from requirements that change during the course. In particular, you have to design the general architecture and security architecture, and use correct testing tools to assure the quality of your software.

------------------------------------

See the schedule here:
link to the time table
The schedule will be available shortly before the beginning of the term.

-------------------------------------

Information about study structure

For students admitted before August 2010, this course is part of the SDT mandatory modules. For students admitted after August 2010, this course is optional. 

Exam form and description: X. experimental examination form (7-scale; external exam), 7-point grading scale, external examiner

The application project is part of the assessment.  

Literature beyond research articles: Software Security: Building Security In
Gary McGraw
Addison-Wesley Software Security Series

24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them (Paperback)
by Michael Howard, David LeBlanc, John Viega
Publisher: McGraw-Hill Osborne Media; 1 edition
 
 
Schedule (time and place)
The course is held at the following time and place:
Weekday | Time | Lecture/Exercises | Place | Room
Friday | 08.30-10.30 | Lecture | ITU | 4A16
Friday | 10.45-12.45 | Exercises | ITU | 4A16, 4A56, 4A58

The exam is held at the following time and place:
Exam date | Time | Exam type | Place | Room
2010-12-15 | No later than 3 PM | Written work | ITU | The Examination Office
2011-01-21 | Please contact the course manager | Oral exam | ITU | 4A22
2011-01-24 | Please contact the course manager | Oral exam | ITU | 4A22