
Academic year: 2021


MODULE TITLE: Systems’ Security

MODULE CODE: COM535

YEAR OF REVISION: 2013/14

MODULE LEVEL: 6

CREDIT POINTS: 20

MODULE STATUS: Optional

SEMESTER: 1

LOCATION: Magee

E-LEARNING: Blended learning

PREREQUISITE(S): None

CO-REQUISITE(S): None

MODULE CO-ORDINATOR(S): Curran, K

TEACHING STAFF RESPONSIBLE FOR MODULE DELIVERY: Curran, K

HOURS:

Lectures 24 hrs

Seminars hrs

Tutorials hrs

Practicals 48 hrs

Independent study (including assessment) 128 hrs

TOTAL EFFORT HOURS: 200

ACADEMIC SUBJECT: COM

MODULAR SUBJECT: N/A

RATIONALE

The aim of the course is to introduce the student to the issues that arise when we consider the security of computer networks, from both a "white-hat" (defensive), and "black-hat" (offensive) perspective.


AIMS

The aim is to provide an understanding of the theory of secure software and network systems through a series of lab based practical work and experiments. This treatment will reinforce software engineering best practice. This module also aims to introduce the key concepts of secure computer systems and provide expertise in applying the principal techniques associated with planning and deploying secure systems.

LEARNING OUTCOMES

A successful student will be able to:

KNOWLEDGE AND UNDERSTANDING

K1 Demonstrate knowledge and understanding of the key principles and concepts that underpin computer security

K2 Demonstrate knowledge and understanding of the key concepts and techniques used to develop security defences and related protocols and standards.

K3 Display an appreciation of the technical and research challenges facing developers of network based secure environments.

K4 Demonstrate how to assess the security of web applications

INTELLECTUAL QUALITIES

I1 Critically evaluate approaches and techniques used in the design and development of secure technologies.

I2 Apply a range of technical solutions that address the technical challenges associated with the design of secure systems.

I3 Communicate and implement appropriate secure network applications.

I4 Identify a range of network security problems

PROFESSIONAL/PRACTICAL SKILLS

P1 Demonstrate competence in the creation of appropriate secure systems

P2 Employ effectively a range of tools and techniques in the design of secure systems.

P3 Combine a range of techniques and approaches in the design and development of secure applications.


TRANSFERABLE SKILLS

T1 Adopt a methodical approach in the design and development of secure systems

T2 Communicate design solutions in a clear and concise manner.

T3 Communicate design solutions in a clear and concise manner.

T4 Demonstrate ability to critically evaluate and synthesise information from a wide range of sources.


CONTENT

Part 1: Computer Security Technology and Principles

1.1 Cryptographic Tools, Confidentiality, Message Authentication and Hash Functions, Public-Key Encryption and Digital Signatures and Key Management.

1.2 User Authentication, Means of Authentication, Password-Based Authentication, Security Issues for User Authentication

1.3 Access Control Principles, Subjects, Objects, and Access Rights

1.4 The Need for Database Security, Database Management Systems, Database Access Control, Cloud Security

1.5 Types of Malicious Software, Propagation/Infected Content/Viruses/Trojans/Bots

1.6 Denial-of-Service Attacks, Flooding Attacks, Application-Based Bandwidth Attacks

1.7 Intrusion Detection, Host-Based Intrusion Detection, Network-Based Intrusion Detection, Honeypots

1.8 Firewalls and Intrusion Prevention Systems. Intrusion Prevention Systems

Part 2: Software Security & Trusted Systems

2.1 Buffer Overflow, Stack Overflows, Defending Against Buffer Overflows

2.2 Software Security, Handling Program Input, Interacting with the Operating System and Other Programs

2.3 Operating System Security, System Security Planning, Windows/Linux/Unix Security

2.4 Trusted Computing and Multilevel Security, The Concept of Trusted Systems, Assurance and Evaluation

Part 3: Management Issues

3.1 IT Security Management and Risk Assessment, Security Risk Assessment

3.2 IT Security Controls, Plans, and Procedures, IT Security Plan, Implementation of Controls

3.3 Physical and Infrastructure Security, Recovery from Physical Security Breaches

3.4 Human Resources Security, Employment Practices and Policies, E-Mail and Internet Use Policies

3.5 Security Auditing, The Security Audit Trail, Audit Trail Analysis

Part 4: Cryptographic Algorithms & Network Security

4.1 Symmetric Encryption and Message Confidentiality, Data Encryption Standard, Advanced Encryption Standard

4.2 Public-Key Cryptography & Message Authentication, Secure Hash Functions, HMAC

4.3 Internet Security Protocols and Standards, Secure E-mail and S/MIME, SSL, HTTPS

4.4 Internet Authentication Applications, Kerberos, X.509

4.5 Wireless Network Security, IEEE 802.11 Wireless LANs.


READING LIST

Recommended:

Stallings, W., Brown, L. (2012) Computer Security: Principles and Practices: International Edition, 2/E, Pearson Higher Education, ISBN: 978-0-2737-6449-6

Easttom, W. (2012) Computer Security Fundamentals, 2/E, Pearson Higher Education, ISBN: 978-0-7897-4890-4

Oriyano, S.P. (2012) Hacker Techniques, Tools, and Incident Handling, Jones and Bartlett Learning, ISBN: 978-0-7637-9183-4

TEACHING AND LEARNING METHODS

Lectures will consist of context setting, introductions to and explanations of relevant techniques and algorithms. Open discussions and references to reading material will frequently be used to widen the learning experience. The material covered in the practical sessions will reinforce the content covered in the lectures and will focus on developing the students’ game development and programming skills. Students will be directed to read sections of the recommended texts together with material from relevant Internet sites. They will be expected to consolidate the material after the lectures by private study.

The module is offered by Blended Learning.

ASSESSMENT AND FEEDBACK

Coursework 1:

CA1 (Worth 50% of the coursework): A closed book test midway through the module covering all taught and lab topics from the first six weeks. Feedback will follow within one week to help students identify weaknesses and to act as a guide for future revision. Students will be given their marks and full solutions individually.

Coursework 2:

CA2 (Worth 50% of the coursework): A written assignment will measure the student’s ability to write a secure web service application which builds on best practice in cryptography and material covered in each lab session. Feedback will follow within one week to help students identify weaknesses and to act as a guide for future revision. Students will be given their marks and full solutions individually.

Examination:

A compulsory written examination lasting three hours is completed by the student at the end of the semester and students will be required to answer 4 questions out of 5. The examination is closed book.


SUMMARY DESCRIPTION

This module provides an in-depth study of secure computer systems. This module will introduce the concepts and principles of secure systems. In addition, students will be given the opportunity to learn how to configure and test application and network security, deploy secure network based software applications and resolve security problems. Students will have an in-depth knowledge of basic skills in security, and an appreciation for emerging themes that could impact secure systems in the future.
