Course Program:
Information Security is a course that provides the students with comprehensive, in-depth knowledge about information and computer security. This field is of importance for every individual: think of the privacy concerns when we are using social media, or consider the viruses and worms that endanger our computers. Moreover, security is crucial when it comes to organizations, which have to protect themselves from attackers aiming to spoil their reputation or to steal some trade secrets, have to train their own employees so that they act in accordance with security best practices and norms, and have to design software systems that are not harmful and that cannot be exploited by attackers.
Upon completion of the course, the student:
- Can explain and illustrate the main security properties such as confidentiality, integrity, authenticity, etc.
- Knows the fundamental security terminology that is essential to read security news and bulletins and to understand advanced techniques
- Can recognize and explain the main attacks on computer and information security
- Knows the main security solutions and their underlying principles
- Can conduct risk analysis to determine the most adequate set of security solutions for a given context
- Can apply state-of-the-art techniques to design secure software systems, especially during the requirements engineering phase
The course will feature a tight interplay between theory and practice.
Lectures:
- Introduction to security
- Authentication and access control
- Symmetric cryptography
- Programs and programming oversights
- Malware and defensive mechanisms
- Risk assessment with Coras
- Blockchain technology
- Web security
- Computer networks: basics
- Asymmetric cryptography
- Network security
- Database security
- Security requirements with STS-ml (2x)
- Ethics and legal issues
- Identity and access management
Hands-on Sessions:
- Security flaws in an organization
- Symmetric cryptography
- Coras (risk)
- Penetration testing (2x)
- Asymmetric cryptography
- Security requirements with STS-ml
Textbook:
Grading:
Evaluation (may be subject to change)
- Bi-weekly quizzes (~20%)
- In-class participation (~10%)
- Two group projects (~20% each)
- Final exam (~30%)