Course syllabus
Informatics, Introduction to IT Security, Second Cycle, 7.5 credits
| Course code: | IK434A | Credits: | 7.5 |
|---|---|---|---|
| Main field of study: | Informatics | Progression: | A1N |
| Last revised: | 12/03/2020 | ||
| Education cycle: | Second cycle | Approved by: | Head of school |
| Established: | 01/11/2019 | Reading list approved: | 12/03/2020 |
| Valid from: | Autumn semester 2020 | Revision: | 1 |
Aims and objectives
General aims for second cycle education
Second-cycle courses and study programmes shall involve the acquisition of specialist knowledge, competence and skills in relation to first-cycle courses and study programmes, and in addition to the requirements for first-cycle courses and study programmes shall
- further develop the ability of students to integrate and make autonomous use of their knowledge
- develop the students' ability to deal with complex phenomena, issues and situations, and
- develop the students' potential for professional activities that demand considerable autonomy, or for research and development work.
(Higher Education Act, Chapter 1, Section 9)
Course objectives
1. Explain the basic concepts related to current computer and network systems with their security vulnerabilities.
2. Describe technical threats that follow from the use of different forms of computing and networking technologies and critically analyze and suggest countermeasures of a particular scenario.
3. Explain how different cryptographic solutions can be used in information systems to provide security and privacy and apply them accordingly.
4. Explain the core principles of system intrusion and analyze system vulnerabilities, using tools as appropriate, for protection.
5. Demonstrate understanding of the principles for secure system development.
Main content of the course
The course consists of the following modules:
1: Concepts
- Basic concepts related to computer and network systems including their architectures and their common security vulnerabilities. (Addressing goal 1)
2: Threats and Countermeasures
- Techniques for attacks on different platforms including operating systems, Web and databases and their possible countermeasures that can be applied at different levels uncluding users, system developers and overall system design. (Addressing goal 2)
- Cryptographic techniques including symmetric and asymmetric encryption approaches, digital signatures, and infrastructures for public key certificates and their applications in different scenarios. (Addressing goal 3)
- Techniques on detection of intrusion and protection in computer networks. This includes analysis of attacks such as IP spoofing, packet sniffing, denial of service attacks, and their possible countermeasures. (Addressing goal 4)
- Techniques for secure system development. This includes approaches to system maintainance like software patching, certification of hardware and sofware, backups and mirroring of storage systems, and physical security. (Addressing goal 5)
Teaching methods
The employeed teaching methods are anchored in flipped classroom and case-based learning. Flipped classroom means focusing on exploring topics in greater depth and creating meaningful learning opportunities in class time, while content delivery is made outside of the classroom. Case-based learning means that scenarios from real-world examples are used to as a point of departure for in class activities and assignments.
In this course these theaching methods are implemented through online lectures, individual readings, in-class activities based on cases, and group assignments based on cases.
Students who have been admitted to and registered on a course have the right to receive tuition and/or supervision for the duration of the time period specified for the particular course to which they were accepted (see, the university's admission regulations (in Swedish)). After that, the right to receive tuition and/or supervision expires.
Examination methods
Concepts, 1.5 credits (Code: A001)
Examination through a Group seminar and a quiz (Assesses goals 1 and 2).
Threats and Countermeasures - Group Assignment 1, 0.5 credits (Code: A002)
A computer-based assignment about application of different cryptographic solutions. (Assesses goal 3)
Threats and Countermeasures - Group Assignment 2, 0.5 credits (Code: A003)
A computer-based assignment about system intrusion covering techniques on password cracking and network sniffing (Assesses goal 4).)
Threats and Countermeasures - Group Assignment 3, 0.5 credits (Code: A004)
A computer-based assignment about using tools for database security (Assesses goal 4)
Threats and Countermeasures - Group Seminar, 0.5 credits (Code: A005)
Seminar covering aspects on secure system development. (Assesses goal 5)
Threats and Countermeasure - Written Examination, 4 credits (Code: A006)
Individual written examination. (Assesses goals 1-5)
For students with a documented disability, the university may approve applications for adapted or other forms of examinations.
For further information, see the university's local examination regulations (in Swedish).
Grades
According to the Higher Education Ordinance, Chapter 6, Section 18, a grade is to be awarded on the completion of a course, unless otherwise prescribed by the university. The university may prescribe which grading system shall apply. The grade is to be determined by a teacher specifically appointed by the university (an examiner).
In accordance with university regulations regarding grading systems for first and second-cycle courses (Vice-Chancellor’s decision ORU 2018/00929), one of the following grades shall be used: Fail (U), Pass (G) or Pass with Distinction (VG). For courses that are included in an international Master’s programme (60 or 120 credits) or offered to the university’s incoming exchange students, the grading scale of A-F shall be used. The vice-chancellor, or a person appointed by the vice-chancellor, may decide on exceptions from this provision for a specific course, if there are special grounds.
Grades used on course are Fail (F), Sufficient (E), Satisfactory (D), Good (C), Very Good (B) or Excellent (A).
Concepts
Grades used are Fail (U) or Pass (G).
Threats and Countermeasures - Group Assignment 1
Grades used are Fail (U) or Pass (G).
Threats and Countermeasures - Group Assignment 2
Grades used are Fail (U) or Pass (G).
Threats and Countermeasures - Group Assignment 3
Grades used are Fail (U) or Pass (G).
Threats and Countermeasures - Group Seminar
Grades used are Fail (U) or Pass (G).
Threats and Countermeasure - Written Examination
Grades used are Fail (F), Sufficient (E), Satisfactory (D), Good (C), Very Good (B) or Excellent (A).
For further information, see the university's local examination regulations (in Swedish).
Comments on grades
For an approved final grade on the course, an approved result is required for all examinations. The letter grades A-E are weighted into a final grade based on the examinations of the entire course. Detailed information on the requirements for each of the grade levels are given in the outlines at the start of the course.
Specific entry requirements
Informatics, Basic Course 30 Credits, 30 Credits at intermediate course level within Informatics and successful completion of at least 15 Credits at advanced course level within Informatics. Alternatively Business Administration, Basic Course, 30 Credits, Business Administration, Intermediate Course, 30 Credits and successful completion of at least 15 Credits at advanced course level within Business Administration. Alternatively 30 Credits within G1N in Computer Science and 45 Credits within G1F in Computer Science. The applicant must also have qualifications corresponding to the course "English 6" or "English B" from the Swedish Upper Secondary School.
For further information, see the university's admission regulations (in Swedish).
Transfer of credits for previous studies
Students who have previously completed higher education or other activities are, in accordance with the Higher Education Ordinance, entitled to have these credited towards the current programme, providing that the previous studies or activities meet certain criteria.
For further information, see the university's local credit transfer regulations (in Swedish).
Other provisions
Remaining tasks should be completed as soon as possible according to the teacher's instructions.
Reading list and other teaching materials
Required Reading
Charles P. Pfleeger, Shari L. Pfleeger & Jonathan Marguiles (2015)
Security in Computing
Prentice Hall, 944 pages
Additional Reading
Goodrich, Michael & Roberto Tamassia (2013)
Introduction to Computer Security
Pearson, 520 pages
Timothy J. Shimeall and Jonathan M. Spring (2013)
Introduction to Information Security: A strategic-based approach
Syngress Media, 382 pages
Additions and Comments
Research papers to be provided by the teachers, approximately 100 pages.