Official course description, subject to change:
Preliminary info last published 21/08-20

Advanced Security

Course info
Language:
English
ECTS points:
15.0
Course code:
KSADSEC1KU
Participants max:
15
Offered to guest students:
yes
Offered to exchange students:
-
Offered as a single subject:
yes
Price (single subject):
21250 DKK (incl. vat)
Programme
Level:
MSc. Master
Programme:
MSc in Computer Science
Staff
Course semester
Semester
Efterår 2021
Start
30 August 2021
End
31 December 2021
Exam
Exam type
ordinær
Internal/External
ekstern censur
Grade Scale
7-trinsskala
Exam Language
GB
Abstract

You will take this course as part of the security specialization.  The course will prepare you to develop  software that must run reliably and securely in adversarial environments.   You must have taken Security 1 and Security 2 as well as Discrete Mathematics and a programming course to be admitted to this course.

Description

This is the advanced course in the Security specialization.

This course will cover advanced aspects of information security that will enable you to develop software that can run securely and reliably in adversarial environments.  The course includes technical and social elements. The course is organized in six modules.

  1. Cryptographic protocols.  In this module you will learn about cryptographic protocols, how to design them and how to ensure that they are actually secure.
  2.  Accountability.  In this module we discuss how to design protocols that are not only secure, but that have the property to be able to assign blame in the case something does go wrong.
  3. Information Flow Control. In this module you learn how to prove that a program preserves the confidentiality and integrity of information. You will see tools that help programmers write information-flow secure programs, and learn the theory that makes these tools possible.
  4. Usable Security.  In this module you will learn how  to secure not only the software, but entire process from creation to end-user usability paying particular attention to the operational environment in which the software will be used.
  5. Code Scanning. In this module we discuss  tools to identify security vulnerabilities in your software automatically.  You will learn the way these tools work and how to apply them.
  6. Attack Trees. This final module is about a technique that will allow you to think about possible attack vectors of socio-technical systems and how to evaluate them.

After the course, you will understand how security vulnerabilities are introduced into software and you will be able to use tools to eliminate them.

Formal prerequisites
  1. Security 1
  2. Security 2
  3. Discrete Mathematics
  4. Introduction to Programming


Intended learning outcomes

After the course, the student should be able to:

  • Create cryptographic protocols
  • Analyze techniques to achieve accountability
  • Analyze information flow control techniques
  • Apply usability security design techniques
  • Formulate real-world scenario using attack trees
Ordinary exam
Exam type:
B: Oral exam, External (7-point scale)
Exam variation:
B22: Oral exam with no time for preparation.