Undergraduate Course: Computer Security (INFR10067)
Course Outline
| School | School of Informatics |
College | College of Science and Engineering |
| Credit level (Normal year taken) | SCQF Level 10 (Year 3 Undergraduate) |
Availability | Available to all students |
| SCQF Credits | 20 |
ECTS Credits | 10 |
| Summary | Computer Security is concerned with the protection of computer systems and their data from threats which may compromise integrity, availability, or confidentiality; the focus is on threats of a malicious nature rather than accidental. This course aims to give a broad understanding of computer security. Topics include security risks, attacks, prevention and defence methods; techniques for writing secure programs; an overview of the foundations for cryptography, security protocols and access control models.
***This course replaces INFR10058 Computer Security (10 credits).*** |
| Course description |
The goal of this course is to introduce students to fundamental security concepts and offer them working knowledge of threats and counter-measures.
The topics covered in the course are:
- Introduction: fundamental concepts, access control models, threat modelling.
- Network security: basic networking concepts, DoS, Transport layer security, Link layer security, DNS attacks, Firewalls, Intrusion detection.
- Usable security: basic human factors, warning design, phishing, authentication, device authentication.
- Cryptography: symmetric ciphers, asymmetric ciphers, MACs and hash functions, digital signatures.
- Cryptographic protocols: identification, authentication and key agreement, SSL/TLS, anonymity protocols, TOR.
- OS security: OS concepts, memory and file system, access control, file permissions, memory safety, stack-based buffer overflows.
- Malware: viruses, trojan horses, worms, rootkits.
- Web security: WWW basics, client-side attacks, session hijacking XSS, CSRF, defences, server-side attacks, SQL injection, RFI, LFI.
|
Entry Requirements (not applicable to Visiting Students)
| Pre-requisites |
|
Co-requisites | |
| Prohibited Combinations | |
Other requirements | This course is open to all Informatics students including those on joint degrees. For external students where this course is not listed in your DPT, please seek special permission from the course organiser (lecturer).
For some parts of the course, good mathematical ability and basic understanding of logic (predicate calculus) are highly desirable. An ability to program in Java may be assumed for practical exercises. |
Information for Visiting Students
| Pre-requisites | None |
| High Demand Course? |
Yes |
Course Delivery Information
|
| Academic year 2021/22, Available to all students (SV1)
|
Quota: None |
| Course Start |
Semester 2 |
Timetable |
Timetable |
| Learning and Teaching activities (Further Info) |
Total Hours:
200
(
Lecture Hours 30,
Seminar/Tutorial Hours 5,
Supervised Practical/Workshop/Studio Hours 4,
Summative Assessment Hours 2,
Programme Level Learning and Teaching Hours 4,
Directed Learning and Independent Learning Hours
155 )
|
| Assessment (Further Info) |
Written Exam
75 %,
Coursework
25 %,
Practical Exam
0 %
|
| Additional Information (Assessment) |
3 pieces of coursework: 1 formative assessment, 2 assessments (25% of course total).
1 exam (75% of course total).
If delivered in semester 1, this course will have an option for semester 1 only visiting undergraduate students, providing assessment prior to the end of the calendar year. |
| Feedback |
Not entered |
| Exam Information |
| Exam Diet |
Paper Name |
Hours & Minutes |
|
| Main Exam Diet S2 (April/May) | | 2:00 | | | Resit Exam Diet (August) | | 2:00 | |
Learning Outcomes
On completion of this course, the student will be able to:
- Describe common security threats against computer systems, and identify appropriate mechanisms to address them.
- Explain techniques and design principles that underlie the common mechanisms for protecting the security, privacy, and trust of computer systems and networks.
- Be able to complete a basic security analysis of computer systems or networks.
- Be able to independently collect, filter out, and contextualise information about security vulnerabilities and their mitigations.
|
Reading List
| Introduction to Computer Security (First Edition), Michael Goodrich and Roberto Tamassia, Pearson. |
Contacts
| Course organiser | Dr Myrto Arapinis
Tel: (0131 6)50 9981
Email: marapini@inf.ed.ac.uk |
Course secretary | Mrs Michelle Bain
Tel: (0131 6)51 7607
Email: michelle.bain@ed.ac.uk |
|
|
University Homepage