Course syllabus
Informatics, Introduction to IT Security, Second Cycle, 7.5 credits
| Course code: | IK434A | Credits: | 7.5 |
|---|---|---|---|
| Main field of study: | Informatics | Progression: | A1N |
| Last revised: | 12/03/2024 | ||
| Education cycle: | Second cycle | Approved by: | Head of school |
| Established: | 01/11/2019 | Reading list approved: | 12/03/2024 |
| Valid from: | Autumn semester 2024 | Revision: | 2 |
Learning outcomes
1. Explain the basic concepts related to current computer and network systems with their security vulnerabilities.
2. Describe technical threats that follow from the use of different forms of computing and networking technologies and critically analyze and suggest countermeasures of a particular scenario.
3. Explain how different cryptographic solutions can be used in information systems to provide security and privacy and apply them accordingly.
4. Explain the core principles of system intrusion and analyze system vulnerabilities, using tools as appropriate, for protection.
5. Demonstrate understanding of the principles for secure system development.
Content
The course consists of the following modules:
1: Concepts
- Basic concepts related to computer and network systems including their architectures and their common security vulnerabilities. (Addressing goal 1)
2: Threats and Countermeasures
- Techniques for attacks on different platforms including operating systems, Web and databases and their possible countermeasures that can be applied at different levels uncluding users, system developers and overall system design. (Addressing goal 2)
- Cryptographic techniques including symmetric and asymmetric encryption approaches, digital signatures, and infrastructures for public key certificates and their applications in different scenarios. (Addressing goal 3)
- Techniques on detection of intrusion and protection in computer networks. This includes analysis of attacks such as IP spoofing, packet sniffing, denial of service attacks, and their possible countermeasures. (Addressing goal 4)
- Techniques for secure system development. This includes approaches to system maintainance like software patching, certification of hardware and sofware, backups and mirroring of storage systems, and physical security. (Addressing goal 5)
Examinations and grades
Concepts, 1.5 credits (Code: A001)
Grades used are Fail (U) or Pass (G).
Threats and Countermeasures - Group Assignment 1, 0.5 credits (Code: A002)
Grades used are Fail (U) or Pass (G).
Threats and Countermeasures - Group Assignment 2, 0.5 credits (Code: A003)
Grades used are Fail (U) or Pass (G).
Threats and Countermeasures - Group Assignment 3, 0.5 credits (Code: A004)
Grades used are Fail (U) or Pass (G).
Threats and Countermeasures - Group Seminar, 0.5 credits (Code: A005)
Grades used are Fail (U) or Pass (G).
Threats and Countermeasure - Written Examination, 4 credits (Code: A006)
Grades used are Fail (F), Sufficient (E), Satisfactory (D), Good (C), Very Good (B) or Excellent (A).
According to the Higher Education Ordinance, Chapter 6, Section 18, a grade is to be awarded on the completion of a course, unless otherwise prescribed by the university. The university may determine which grading system is to be used. The grade must be determined by a teacher specifically nominated by the university (the examiner).
In accordance with university regulations on grading systems for first and second-cycle courses and study programmes (Vice-Chancellor’s decision ORU 2018/00929), one of the following grades is to be used: fail (U), pass (G) or pass with distinction (VG). For courses included in an international master’s programme (60 or 120 credits) or offered to the university’s incoming exchange students, the A to F grading scale is to be used. The vice-chancellor, or a person appointed by them, may decide on exceptions from this provision for a specific course, if there are special grounds for doing so.
The grades used on this course are Fail (F), Sufficient (E), Satisfactory (D), Good (C), Very Good (B) or Excellent (A).
Comments on grades
For an approved final grade on the course, an approved result is required for all examinations. The letter grades A-E are weighted into a final grade based on the examinations of the entire course.
Modes of assessment
Concepts, 1.5 credits (Code: A001)
Examination through a Group seminar and a quiz (Assesses goals 1 and 2).
Threats and Countermeasures - Group Assignment 1, 0.5 credits (Code: A002)
A computer-based assignment about application of different cryptographic solutions. (Assesses goal 3)
Threats and Countermeasures - Group Assignment 2, 0.5 credits (Code: A003)
A computer-based assignment about system intrusion covering techniques on password cracking and network sniffing (Assesses goal 4).)
Threats and Countermeasures - Group Assignment 3, 0.5 credits (Code: A004)
A computer-based assignment about using tools for database security (Assesses goal 4)
Threats and Countermeasures - Group Seminar, 0.5 credits (Code: A005)
Seminar covering aspects on secure system development. (Assesses goal 5)
Threats and Countermeasure - Written Examination, 4 credits (Code: A006)
Individual written examination. (Assesses goals 1-5)
For students with a documented disability, the university may approve applications for adapted or other modes of assessment.
For further information, see the university's local examination regulations.
Specific entry requirements
Informatics, Basic Course 30 Credits, 30 Credits at intermediate course level within Informatics and successful completion of at least 15 Credits at advanced course level within Informatics. Alternatively Business Administration, Basic Course, 30 Credits, Business Administration, Intermediate Course, 30 Credits and successful completion of at least 15 Credits at advanced course level within Business Administration. Alternatively 30 Credits within G1N in Computer Science and 45 Credits within G1F in Computer Science. The applicant must also have qualifications corresponding to the course "English 6" or "English B" from the Swedish Upper Secondary School.
For further information, see the university's admission regulations.
Other provisions
The course is offered in English and therefore all examinations will be conducted in English.
Students who have been admitted to and registered on a course have the right to receive tuition and/or supervision for the duration of the time period specified for the particular course to which they were accepted (see, the university's admission regulations (in Swedish)). After that, the right to receive tuition and/or supervision expires.
Reading list and other learning resources
Required Reading
Charles P. Pfleeger, Shari L. Pfleeger & Jonathan Marguiles (2015)
Security in Computing
Prentice Hall, 944 pages
Additional Reading
Goodrich, Michael & Roberto Tamassia (2013)
Introduction to Computer Security
Pearson, 520 pages
Timothy J. Shimeall and Jonathan M. Spring (2013)
Introduction to Information Security: A strategic-based approach
Syngress Media, 382 pages
Additions and Comments
Research papers to be provided by the teachers, approximately 100 pages.