IT-Universitetet i København
 
  Tilbage Kursusoversigt
Kursusbeskrivelse
Kursusnavn (dansk):Systemarkitektur og -sikkerhed 
Kursusnavn (engelsk):System Architecture and Security 
Semester:Forår 2009 
Udbydes under:cand.it., softwareudvikling og -teknologi (sdt) 
Omfang i ECTS:7,50 
Kursussprog:Engelsk 
Kursushjemmeside:https://learnit.itu.dk 
Min. antal deltagere:12 
Forventet antal deltagere:20 
Maks. antal deltagere:80 
Formelle forudsætninger:Before taking this course:
  • You have implemented at least two medium-size programming projects (7.5 ECTS each)

  • You are able to design, implement, and test medium-sized programs in Java or C#

  • You know basic algorithms and data structures (simple data structures like lists and queues, and data structures for dictionaries)


One way to obtain these prerequisites is by following Object-oriented programming (SOPI) and Performance&Test (SPT) at ITU. If you are an external student you preferably had followed a basic programming and an introductory data structures course.

It is an advantage, but not a requirement, to know some basics of database programming (basic SQL) and web-programming. 
Læringsmål:In this course you learn the following high-level skills:
  • to understand the role of software security and quality in IT Governance

  • to define, evaluate and discuss security requirements for the software you develop

  • to identify security threats for the software you develop

  • to design and evaluate security of software architectures

  • to apply security mechanisms provided by network components, operating systems and hardware to develop secure software

  • to analyze information security

In this course you learn the following low-level skills:
  • to design and implement secure software components, including software for the web, and database backed systems

  • to identify secure communication protocols for your needs

  • to design and deploy authentication solutions

  • to design and deploy encryption solutions

  • to audit Java code for security problems (and other code provided you know the programming platform used to develop it)

  • to use security audit tools for source code (and to a limited extent for networking)

  • to use software maintenance processes and tools to maintain security of software.

  • to track and respond to security advisories for software and hardware components you use

 
Fagligt indhold:The course focuses on development of high quality and secure software systems.
This includes aspects of software architecture, development process and methods, operating systems, hardware, cryptography, networking, protocols, databases and programming, each only as deeply as relevant for security.
Our focus is more on creating high quality secure software, than on securing insecure software.

We shall discuss:

  • security mechanisms in operating systems and hardware (authentication, access privileges, dropping privileges, memory protection) security in networking, including modern layered networking architecture
  • authentication and encryption, secure protocols, information secrecy
  • creating high quality software - development process and methods
  • testing and security
  • methods for development of secure web applications
  • SOA architecture and security
  • vulnerabilities and attacks
 
Læringsaktiviteter:14 ugers undervisning bestående af forelæsninger og øvelser

------------------------------------
I intro-ugen (uge 5) er der ændrede kursustidspunkter - se hvordan undervisningen er tilrettelagt her:
link til skemaoplysninger
Skemaoplysningerne for forårssemesteret vil være tilgængelige fra januar måned.

In the intro week (week 5) the course time table is changed - see the schedule here:
link to the time table
The schedule for the spring term will be available in January.

-------------------------------------

Information om studiestruktur / Information about study structure

Dette kursus er en del af SDT¿s obligatoriske moduler, som du kan finde beskrevet her: SDT studiestruktur
For at blive cand.it. i SDT skal du bestå SDT¿s backbonekurser, og desuden gennemføre en 22,5 ECTS specialisering samt to 7,5 ECTS valgfag.

This course is part of the SDT mandatory modules ¿ find them described here:
SDT study structure
In order to graduate as a MSc in SDT, you need to pass the SDT backbone courses, and also take a 22,5 ECTS specialization and two 7,5 ECTS electives.
 

Eksamensform og -beskrivelse:X. experimental examination form (7-scale; external exam), 7-trins-skala, Ekstern censur

 

Litteratur udover forskningsartikler: Computer Networking: A Top-Down Approach, 4/E
James F. Kurose, Keith W. Ross. Addison-WesleyA 2008.

Building Secure Software. John Viega. Gary McGraw.
Addison-Wesley 2002.
 
 
Afholdelse (tid og sted)
Kurset afholdes på følgende tid og sted:
UgedagTidspunktForelæsning/ØvelserStedLokale
Fredag 10.00-12.00 Forelæsning ITU 2A14
Fredag 13.00-15.00 Øvelser ITU 4A54, 4A58

Eksamen afholdes på følgende tid og sted:
EksamensdatoTidspunktEksamenstypeStedLokale
2009-05-20 Afleveres senest kl. 15.00 Skriftlige arbejder ITU På eksamenskontoret
2009-06-22 Tidsrum oplyses senere Mundtlig eksamen ITU 3A12
2009-06-23 Tidsrum oplyses senere Mundtlig eksamen ITU 3A12