Kursusbasen

Kursusoversigt

Kursusbeskrivelse

Kursusnavn (dansk):	Security, MSc
Kursusnavn (engelsk):	Security, MSc
Semester:	Efterår 2018
Udbydes under:	cand.it., softwareudvikling og -teknologi (sdt)
Omfang i ECTS:	7,50
Kursussprog:	Engelsk
Kursushjemmeside:	https://learnit.itu.dk
Min. antal deltagere:	1
Forventet antal deltagere:	0
Maks. antal deltagere:	25
Formelle forudsætninger:	Before taking this course you must: * have implemented at least two medium-size programming projects (7.5 ECTS each) * be able to design, implement, and test medium-sized programs in Java or C# or other mainstream languages. * know basic algorithms and data structures (e.g., lists, queues, dictionaries) * meet the admission requirements of the IT University. One way to obtain these prerequisites is by following the IT University modules Object Oriented Programming or Foundations of Computing - Algorithms and Data Structures. (It is possible to take the latter course in parallel with this one.) It is an advantage, but not a requirement, to know basics of database programming (SQL), web-programming and Linux/Unix system administration. Moreover the student must always meet the admission requirements of the IT University.
Læringsmål:	After the course students should be able to: • Identify, list, and discuss major principles of IT security • Describe and discuss foundations of computer networking, and apply these to IT security questions. • Apply and relate those principles to the securing of networked server installations • List and analyse standard attacks, especially on web applications in particular • Describe and explain intrusion detection • Identify, list, and explain common security pitfalls of web applications • Identify, describe and explain basic computer forensics techniques • Identify and describe the proper use of cryptography in security • Analyse an IT-system for security risks and reflect on potential improvements of the system
Fagligt indhold:	The course addresses four major topics: * The principal security requirements and attacker models * The fundamental cryptographic tools in Information Security * Internet standards (PKI, TLS) * Practical techniques for penetrating and hardening IT-systems
Læringsaktiviteter:	14 weeks of teaching consisting of lectures and exercises. Coursework takes the following forms: • Lectures • Exercises • Experimental lab work • Project work In project weeks, you are expected to be work independently; there are no lectures or exercise classes. Both teachers and tas will be available for questions in the period via various media, notably on learnit forums and in person at office hours. The course concludes with project work as follows. • Based on a set of functional requirements, you will design and implement a prototypical IT system. • You will conduct a security analysis and devise appropriate security measures for this system. • You will then swap systems with another group, and carry out a security review of this other group's system. ------------------------------------ Information about study structure For students admitted from Autumn 2014 and later this course is part of the SDT AC track mandatory modules. For SDT DE track the course is part of the specialisation in Web Systems
Obligatoriske aktivititer:	To be eligible for the examination, you must: 1. You must submit and have approved 3 mandatory exercise sets. 2. You must submit and have approved 3 mini-projects. 3. You must be present and participate actively in the course conclusion workshop. All deadlines will be announced on the course page on LearnIT. Note that peergrade assignments are not considered approved unless you have both submitted yourself, as well as submitted feedback for at least two other assignments. Be aware: The student will receive the grade NA (not approved) at the ordinary exam, if the mandatory activities are not approved and the student will use an exam attempt
Eksamensform og -beskrivelse:	A11: Skriftlig eksamen (stedprøve) med adgang til internet, skriftlige og trykte hjælpemidler., (7-scale, external exam) A11: Written exam on premises; open book exam; 7-scale, external exam. The duration of the written examination is 4 hours.