THE UNIVERSITY of EDINBURGH

DEGREE REGULATIONS & PROGRAMMES OF STUDY 2024/2025

Timetable information in the Course Catalogue may be subject to change.

University Homepage
DRPS Homepage
DRPS Search
DRPS Contact
DRPS : Course Catalogue : School of Informatics : Informatics

Undergraduate Course: Computer Security (INFR10067)

Course Outline
SchoolSchool of Informatics CollegeCollege of Science and Engineering
Credit level (Normal year taken)SCQF Level 10 (Year 3 Undergraduate) AvailabilityAvailable to all students
SCQF Credits20 ECTS Credits10
SummaryComputer Security is concerned with the protection of computer systems and their data from threats which may compromise integrity, availability, or confidentiality; the focus is on threats of a malicious nature rather than accidental. This course aims to give a broad understanding of computer security. Topics include security risks, attacks, prevention and defence methods; techniques for writing secure programs; an overview of the foundations for cryptography, security protocols and access control models.

***This course replaces INFR10058 Computer Security (10 credits).***
Course description The goal of this course is to introduce students to fundamental security concepts and offer them working knowledge of threats and counter-measures.

The topics covered in the course are:
- Introduction: fundamental concepts, access control models, threat modelling.
- Network security: basic networking concepts, DoS, Transport layer security, Link layer security, DNS attacks, Firewalls, Intrusion detection.
- Usable security: basic human factors, warning design, phishing, authentication, device authentication.
- Cryptography: symmetric ciphers, asymmetric ciphers, MACs and hash functions, digital signatures.
- Cryptographic protocols: identification, authentication and key agreement, SSL/TLS, anonymity protocols, TOR.
- OS security: OS concepts, memory and file system, access control, file permissions, memory safety, stack-based buffer overflows.
- Malware: viruses, trojan horses, worms, rootkits.
- Web security: WWW basics, client-side attacks, session hijacking XSS, CSRF, defences, server-side attacks, SQL injection, RFI, LFI.
Entry Requirements (not applicable to Visiting Students)
Pre-requisites Co-requisites
Prohibited Combinations Other requirements This course is open to all Informatics students including those on joint degrees. For external students where this course is not listed in your DPT, please seek special permission from the course organiser (lecturer).

For some parts of the course, good mathematical ability and basic understanding of logic (predicate calculus) are highly desirable. An ability to program in Java may be assumed for practical exercises.
Information for Visiting Students
Pre-requisitesNone
High Demand Course? Yes
Course Delivery Information
Academic year 2024/25, Available to all students (SV1) Quota:  None
Course Start Semester 1
Timetable Timetable
Learning and Teaching activities (Further Info) Total Hours: 200 ( Lecture Hours 30, Seminar/Tutorial Hours 5, Supervised Practical/Workshop/Studio Hours 4, Summative Assessment Hours 2, Programme Level Learning and Teaching Hours 4, Directed Learning and Independent Learning Hours 155 )
Assessment (Further Info) Written Exam 75 %, Coursework 25 %, Practical Exam 0 %
Additional Information (Assessment) 3 pieces of coursework: 1 formative assessment, 2 assessments (25% of course total).

1 exam (75% of course total).
Feedback Not entered
Exam Information
Exam Diet Paper Name Hours & Minutes
Main Exam Diet S1 (December)Computer Security (Level 11) PG (INFR11244) UG (INFR10067)2:120
Learning Outcomes
On completion of this course, the student will be able to:
  1. describe common security threats against computer systems, and identify appropriate mechanisms to address them.
  2. explain techniques and design principles that underlie the common mechanisms for protecting the security, privacy, and trust of computer systems and networks.
  3. complete a basic security analysis of computer systems or networks.
  4. independently collect, filter out, and contextualise information about security vulnerabilities and their mitigations.
Reading List
Introduction to Computer Security (First Edition), Michael Goodrich and Roberto Tamassia, Pearson.
Additional Information
Graduate Attributes and Skills Not entered
KeywordsCSEC-10
Contacts
Course organiserDr Tariq Elahi
Tel: (0131 6)51 3257
Email: t.elahi@ed.ac.uk
Course secretaryMiss Rose Hynd
Tel: (0131 6)50 5194
Email: rhynd@ed.ac.uk
Navigation
Help & Information
Home
Introduction
Glossary
Search DPTs and Courses
Regulations
Regulations
Degree Programmes
Introduction
Browse DPTs
Courses
Introduction
Humanities and Social Science
Science and Engineering
Medicine and Veterinary Medicine
Other Information
Combined Course Timetable
Prospectuses
Important Information