This is an introductory course on information security. The course focuses on introductory aspects of analysis, design and implementation of secure software.
Security is a fundamental aspect that is necessary to take care of in today's development of software.
The student taking this course will have an introductory knowledge on attacker models, cryptographic tools and principal security protocol from real-world scenarios.
The course addresses five major topics:
- The principal security requirements and attacker models
- The fundamental cryptographic tools in Information Security
- Primary security protocols and Internet standards (PKI, TLS)
- Practical techniques for penetrating and hardening IT-systems
Formal prerequisitesBefore taking this course you must: 1. be familiar with C and Operating Systems 2. be familiar with computer networks 3. be superficially familiar with scripting languages 4. be familiar with the SQL query language 5. know basic algorithms and data structures 6. have implemented at least two medium-size programming projects (7.5 ECTS each) 7. be able to design, implement, and test medium-sized programs in Java or C# or other mainstream languages. 8. be familiar with basic discrete mathematics BSWU graduates fulfil these requirements. Otherwise, individual requirements can be satisfied by taking the BSWU courses: (1) Operating Systems and C, (2) Mobile and Distributed systems, (4) Introduction to Database Design, (5) Algorithms and Data Structures, (6,7) Analysis, Design and Software Architecture, (8) Foundations of Computing - Discrete Mathematics. The student must always meet the admission requirements of the IT University.
Intended learning outcomes
After the course, the student should be able to:
- Describe, relate, and discuss basic security principles
- Identify and describe access control techniques
- Identify, describe, and evaluate design approaches meeting specific security requirements
- Illustrate, analyse, and evaluate security standards
- Identify and describe the proper use of cryptography in security
- Describe and compare most common attack practices
- Describe and explain intrusion detection and prevention
- Analyse an IT-system for security risks and reflect on potential improvements of the system
Ordinary examExam type:
C: Submission of written work, External (7-point scale)
C22: Submission of written work – Take home