Official course description:
Full info last published 24/08-20

Applied information Security

Course info
Language:
English
ECTS points:
7.5
Course code:
KSAPINS1KU
Participants max:
34
Offered to guest students:
yes
Offered to exchange students:
-
Offered as a single subject:
yes
Price (single subject):
10625 DKK (incl. vat)
Programme
Level:
MSc. Master
Programme:
MSc in Software Design
Staff
Course manager
Assistant Professor
Teacher
Postdoc
Teaching Assistant
Assistant Lecturer
Teaching Assistant
Teaching Assistant (TA)
Course semester
Semester
Efterår 2020
Start
24 August 2020
End
31 January 2021
Exam
Exam type
ordinær
Internal/External
ekstern censur
Grade Scale
7-trinsskala
Exam Language
GB
Abstract
This is a hands-on course that teaches the basic principles of computer security. You will get in-depth experience with cyberattacks, and how to prevent them. The course projects enable you to personalize the course to match your unique background.
Description

In this course, you learn how to determine security requirements, and how to identify risks to these requirements. You get hands-on experience with concrete cyberattacks that realize these risks. You learn how to audit a system to determine that an attack has taken place. Most importantly, you get experience with many methods and tools that prevent cyberattacks, including cryptography, authentication, authorization, and isolation. Finally, you learn how to design a user experience such that users can conform to security requirements.

The projects in this course give you the opportunity to immerse yourself in your choice of the many disciplines that underpin computer security, including social sciences, computer systems, programming languages, and mathematics. 

This course provides a window into the activities of security analysts, penetration testers, forensic analysts, security architects, and security engineers. This course can thus function as a starting point for pursuing such careers.

Ultimately, the goal is to enable you to make appropriate security-related decisions. The course does so by teaching you how to think clearly about security, by focusing on basic principles.

Formal prerequisites

Before taking this course you must: 

  1. Be able to design, implement, and test, medium-sized programs in Java, C# or other mainstream programming language.
  2. Have implemented at least two medium-size programming projects.
  3. Know basic algorithms and data structures.
  4. Know basic discrete mathematics.

Third-semester K-SD students fulfill these requirements. These requirements can be satisfied by taking a course on Introductory Programming, Discrete Mathematics, Algorithms and Data Structures, and another course that has a programming project in it.

Finally, you must meet the admission requirements of ITU.

Intended learning outcomes

After the course, the student should be able to:

  • Determine security requirements for a system, and analyze a system for security risks
  • Identify, list, and explain standard cyberattacks on systems.
  • Identify, list, and discuss major principles of computer security.
  • Identify, list, and explain Lampson’s “gold standard” mechanisms for computer security (authentication, authorization, audit).
  • Identify, explain, and apply isolation in computer security.
  • Identify, explain, and apply cryptography in computer security.
  • Describe basic computer forensics techniques.
  • Design and discuss usability in computer security.
Learning activities

Lectures and exercise sessions.

The lectures present the background, theory, and methods needed for achieving the intended learning outcomes, thus facilitating reflection and discussion. The exercise sessions are a mix of problem solving, group work, student presentations, debates, and peer-to-peer feedback, intended to foster active learning.

Mandatory activities

Assignments.

The assignments provide hands-on experience with information security, oriented towards industry practice.

There are 6 assignments. To qualify for the exam, each of your assignments must be approved. If an assignment is not approved, you will be allowed to re-submit one week after the first deadline.

Deadlines are evenly distributed over the semester.

The student will receive the grade NA (not approved) at the ordinary exam, if the mandatory activities are not approved and the student will use an exam attempt.

Course literature

The course literature is published in the course page in LearnIT.

Student Activity Budget
Estimated distribution of learning activities for the typical student
  • Preparation for lectures and exercises: 30%
  • Lectures: 15%
  • Exercises: 15%
  • Assignments: 20%
  • Exam with preparation: 20%
Ordinary exam
Exam type:
D: Submission of written work with following oral, External (7-point scale)
Exam variation:
D2G: Submission for groups with following oral exam supplemented by the submission. Shared responsibility for the report.
Exam submisson description:
The submission documents a project that you do in a group. The topic of the project can be tailored to your unique background.

The exam consists of a short group-presentation of the project, followed by a 20-minute individual oral exam. The topic of the oral exam is the whole syllabus, supplemented by your project submission.
Group submission:
Group
  • 1-4 (2-3 is recommended)
Exam duration per student for the oral exam:
30 minutes
Group exam form:
Mixed exam 2 : Joint student presentation followed by an individual dialogue. The group makes their presentations together and afterwards the students participate in the dialogue individually while the rest of the group is outside the room.



Time and date
Ordinary Exam - submission Mon, 14 Dec 2020, 08:00 - 14:00
Ordinary Exam Mon, 11 Jan 2021, 09:00 - 19:00
Ordinary Exam Tue, 12 Jan 2021, 09:00 - 19:00
Ordinary Exam Wed, 13 Jan 2021, 09:00 - 19:00