spring 2020

INF-2310 Computer Security - 10 ECTS

Sist endret: 29.11.2019

The course is provided by

Faculty of Science and Technology

Location

Tromsø |

Application deadline

Applicants from Nordic countries: 1 June for the autumn semester and 1 December for the spring semester. Exchange students and Fulbright students: 1 October for the spring semester and 15 April for the autumn semester.

Type of course

The course can be taken as a singular course. The course is given every spring semester. 

Admission requirements

Admission requirements: Higher Education Entrance Qualification + specific entrance requirements equivalent to MATRS: R1/(S1+S2). Application code: 9354 - Singular course in computer science.

Course content

The course will provide an introduction to the general principles of computer security from an applied viewpoint. Topics include common cyber-attacks, techniques for identifying and defending against vulnerabilities in computers and networks, the fundamental building blocks of secure systems, security principles for commonly used items, and human, social, and economic aspects of computer security. The course will focus on security issues related to software exposed to network communication, particular in modern web applications. 

Objectives of the course

Knowledge - The candidate has knowledge of 

  • general principles, goals, and abstractions for cybersecurity (e.g., confidentiality, availability, integrity, assurance, anonymity, authenticity); 
  • concepts of risk, threats, vulnerabilities, and attack vectors; 
  • basic cryptography and cipher types; 
  • basic authentication and key exchange protocols, including Diffie-Hellman; 
  • the access control matrix; 
  • public-key infrastructures, digital signatures, and certificates; 
  • web authentication protocols; and 
  • cross-site scripting vulnerabilities and the same-origin policy for JavaScript executing in browsers. 

 Skills - The candidate can 

  • analyze software artifacts in terms of confidentiality, integrity, and availability; 
  • use cryptographic tools to send and receive messages over the Internet; 
  • use digital signatures; 
  • authenticate remote principals in web servers; and 
  • identify and avoid common security vulnerabilities. 

 General competence - The candidate can 

  • analyze and document computer systems and protocols; 
  • participate actively in professional discussions (oral or written); 
  • develop robust and secure software systems; and 
  • apply security-by-design principles. 

Language of instruction

The language of instruction is English, and the syllabus material is in English. The examinations will also be in English but can be answered either in English or a Scandinavian language. 

Teaching methods

Lectures: 30 hours, Colloquium: 30 hours, Laboratory: 30 hours.

Assessment

A 4 hours final written exam counting 100%. Approved assignments give access to the final written exam. 

Grade scale: Letter grades A-E, F - fail.

The coursework includes up to 4 written assignment, individually graded approved / not approved. Oral presentation of the assignments and demonstrations of a working system can in special cases be claimed by the course responsible.

Re-sit examination: Given early in teaching free semester, if the course is compulsory in the study plan. It will be arranged a 4-hour written exam counting 100%. To get access to the re-sit examination in the teaching free semester the student must have passed the course requirements. 

Postponed examination: Given early in teaching free semester. It will be arranged a 4-hour written exam counting 100%. To get access to the postponed examination in the teaching free semester the student must have passed the course requirements. 

Date for examination

Written exam 26.05.2020

The date for the exam can be changed. The final date will be announced in the StudentWeb early in May and early in November.

Schedule



Kontakt
12247082_10153132578606965_3635393730275906239_n.jpg

Håvard D. Johansen


Førsteamanuensis
Telefon: +4777646738 havard.johansen@uit.no