Introductory description

This module covers basic theory and practice of computer security, and comes in two parts.
Part 1: Introduction to Basic Computer Security
Part 2: Detailed Investigation of Security in Practice

Module aims

Outline syllabus

This is an indicative module outline only to give an indication of the sort of topics that may be covered. Actual sessions held may differ.

• First five weeks: Introduction to basic computer security. This will cover a number of important concepts in the area of security. For example a brief history, security and security threats, practical measures (eg: identification, authentication, authorization), security models, basics of cryptography, network security.
• Second five weeks: Detailed investigation of security in practice. In this part of the course an area, which can be used to provide specific examples and practical exploration, will be selected for more detailed investigation. This will incorporate an introduction to some of the relevant security technologies. It is likely that the specific topic under consideration will vary from year to year. As an example, the area of secure email might be considered, investigating the challenges posed, the actual threats and attacks that have occurred, what can be done/has been done to secure email, aspects of use of cryptography in securing email, etc.

Learning outcomes

By the end of the module, students should be able to:

• - Understand what is meant by computer security and be able to display knowledge of the challenges to computer security. They should understand what computer security encompasses and know the basic concepts in the field.
• - Demonstrate an appreciation of the practical aspects of computer (in)security, understand common security threats and have a basic understanding of measures to combat them.
• Demonstrate improvement in the following skills: IT, numeracy, study skills, communication.
• Demonstrate critical analysis with respect to the evaluation of system security.
• Demonstrate skills appropriate to the computer science professional in the assessment and design of secure systems.

Indicative reading list

(a) Stallings W, Cryptography and Network Security, Pearson/Prentice Hall (4th ed) 2006.
(b) Mollins R, Introduction to Cryptography, (2nd ed) 2007.
(c) Kaufman C, Network Security, Perlman and Speciner (2nd ed) 2002.
(d) Schneier B, Secrets and Lies, Wiley 2004.
(e) Anderson, R, Security Engineering, Wiley (2nd ed) 2008.
(f) Gollman, D, Computer Security, Hoboken (3rd ed) 2011.

Research element

Lecturer and students will discuss and analyse some of the knowledge points from the perspective of conducting the research, namely, not just imparting the face value and fact of a knowledge point or a technique, but teaching the students to understand the underlying principle and logic of why they exist and why the technique is designed this way.

Subject specific skills

Analytical skills by applying the security knowledge learned in this module to analyze the security-related events in daily lives
Mathmatical thinking skills by linking rigour in math with the design of the security mechanisms
Problem solving and IT skills by applying the learned knowledge to do practical lab sesssions and the courseworks Presentation and communication skills by discussing and presenting the topic issues in the seminars
Critical thinking skills by analyzing and comparing the pros and cons of different security-related techniques.

Transferable skills

Communication and presentation skills