CS140 15 CATS (7.5 ECTS) Terms 1
Option - CS, CSE, CSBS and Discrete Mathematics.
To introduce students to the basic concepts of computer security. It will provide a grounding in the main ideas and concerns in this area. It will also involve hands-on experience of security issues in practice.
On completion of the module the student should be able to:
- Understand what is meant by computer security and be able to display knowledge of the challenges to computer security. Understand what computer security encompasses and know the basic concepts in the field.
- Demonstrate an appreciation of the practical aspects of computer (in)security. Understand common security threats and have a basic understanding of measures to combat them.
- Demonstrate improvement in the following key skills: IT; numeracy; study skills; communication.
- Demonstrate critical analysis with respect to the evaluation of system security.
- Demonstrate skills appropriate to the computer science professional in the assessment and design of secure systems.
First five weeks: Introduction to basic computer security.
This will cover a number of important concepts in the area of security. For example a brief history, security and security threats, practical measures (eg: identification, authentication, audit trails), security models, basics of cryptography, network security.
Second five weeks: Detailed investigation of security in practice.
In this part of the course an area, which can be used to provide specific examples and practical exploration, will be selected for more detailed investigation. This will incorporate an introduction to some of the relevant security technologies. It is likely that the specific topic under consideration will vary from year to year. As an example, the area of secure email might be considered, investigating the challenges posed, the actual threats and attacks that have occurred, what can be done/has been done to secure email (PGP, PEM, X.400, S/MIME), aspects of use of cryptography in securing email, etc.
- Stallings W, Cryptography and Network Security, Pearson/Prentice Hall (4th ed) 2006.
- Mollins R, Introduction to Cryptography, (2nd ed) 2007.
- Kaufman C, Network Security, Perlman and Speciner (2nd ed) 2002.
- Schneier B, Secrets and Lies, Wiley 2004.
- Anderson, R, Security Engineering, Wiley (2nd ed) 2008.
- Gollman, D, Computer Security, Hoboken (3rd ed) 2011.
Two hour examination (60%), practical assignments (40%)
20 lectures, 5 x 1 hour seminars and 5 x 1hour labs