Search programme

​Use the search function to search amongst programmes at Chalmers. The study programme and the study programme syllabus relating to your studies are generally from the academic year you began your studies.

Syllabus for

Academic year
EDA263 - Computer security  
Datasäkerhet
 
Syllabus adopted 2017-02-20 by Head of Programme (or corresponding)
Owner: MPCSN
7,5 Credits
Grading: TH - Five, Four, Three, Fail
Education cycle: Second-cycle
Major subject: Computer Science and Engineering, Information Technology
Department: 37 - COMPUTER SCIENCE AND ENGINEERING


Teaching language: English
Open for exchange students: Yes
Block schedule: C+

Course elements   Credit distribution   Examination dates
Sp1 Sp2 Sp3 Sp4 Summer course No Sp
0107 Examination 6,0c Grading: TH   6,0c   23 Mar 2019 am M   10 Jun 2019 pm M   28 Aug 2019 pm M  
0207 Laboratory 1,5c Grading: UG   1,5c    

In programs

MPCSN COMPUTER SYSTEMS AND NETWORKS, MSC PROGR, Year 1 (compulsory elective)
MPSOF SOFTWARE ENGINEERING AND TECHNOLOGY, MSC PROGR, Year 1 (compulsory elective)
MPSOF SOFTWARE ENGINEERING AND TECHNOLOGY, MSC PROGR, Year 2 (elective)
TIDAL COMPUTER ENGINEERING, Year 3 (compulsory elective)
TKDAT COMPUTER SCIENCE AND ENGINEERING, Year 3 (elective)
TKITE SOFTWARE ENGINEERING, Year 3 (elective)
MPALG COMPUTER SCIENCE - ALGORITHMS, LANGUAGES AND LOGIC, MSC PROGR, Year 1 (elective)
MPIDE INTERACTION DESIGN AND TECHNOLOGIES, MSC PROGR, Year 2 (elective)
MPEES EMBEDDED ELECTRONIC SYSTEM DESIGN, MSC PROGR, Year 1 (elective)

Examiner:

Magnus Almgren

  Go to Course Homepage

Replaces

EDA261   Applied computer security EDA262   Computer security


 

Eligibility:


In order to be eligible for a second cycle course the applicant needs to fulfil the general and specific entry requirements of the programme that owns the course. (If the second cycle course is owned by a first cycle programme, second cycle entry requirements apply.)
Exemption from the eligibility requirement: Applicants enrolled in a programme at Chalmers where the course is included in the study programme are exempted from fulfilling these requirements.

Course specific prerequisites

General requirements from a Bachelor's degree are required. Knowledge in a programming language, such as C, is also required.
The course EDA093 Operating systems or equivalent is recommended.

Aim

The course gives basic knowledge in the security area, i.e. how to protect your system against intentional intrusions and attacks. The purpose of intrusions can be made to change or delete resources (data, programs, hardware, etc), to get unauthorized access to confidential information or unauthorized use of the system's services. The course covers threats and vulnerabilities in the computer systems and networks, as well as rules, methods and mechanisms for protection. Modeling and assessment of security and dependability as well as metrication methods are covered. During a few lectures, a holistic security approach is taken and organizational, business-related, social, human, legal and ethical aspects are treated.

Learning outcomes (after completion of the course the student should be able to)

After completing the course the student shall have acquired the following knowledge goals. The student shall:

    * have an overall, fundamental understanding of computer security and realize the consequences of insecurity
    * have a general knowledge of protection mechanisms
    * be capable of making a security analysis of different types of systems and suggest ways to improve security
    * be able to deal with a few methods for security modeling
    * understand common methods for security assessment, evaluation and metrication
    * have improved his or her skill in technical writing
    * be able to reason on the ethical and social aspects of computer security.

Content

Introduction to computer security: definitions, terminology, standards. Some practical examples. Relation to dependability, reliability, availability and safety.
UNIX security: file system, system administration, passwords and accounts, authorization.
Security threats: systematic approach, physical security, including tempest, viruses, worms, Trojan horses, and logic bombs.
Information hiding, steganography and covert channels.
Introduction to cryptography.
Secure operating systems. Security mechanisms: authentication, authorization, access control, file protection, reference monitor, encryption and separation.
Intrusion detection systems. Deception systems.
Security Models: Bell-LaPadula, Biba, Chinese wall etc.
Introduction to Network Security and firewalls.
Database security, defensive programming, injection attacks.
Security metrics.
Security management and organisation. Security policy and risk analysis. Social engineering, cyber criminality and information warfare.
Laws and ethics.

Organisation

The course consists of a series of lectures, a few exercises and laborative exercises. Normally, one or two lectures are given by lecturers from industry, who give an application perspective on security. The laborative exercises focus on a few common security mechanisms. 

Computer security is one of the courses proposed in the security specialization at Chalmers and Göteborg University. It gives an overview of the field. For those with interest in the security specialization we recommend this course (EDA263) as an overview and refer to the other courses for depth, Cryptography (TDA351), Network security (EDA491) and Language-based security (TDA602). Ethical and social aspects in relation to computer science are further developed in the course DAT147.

Literature

See separate literature list.

Examination including compulsory elements

Written exam and pass on laboratory exercises.


Published: Fri 18 Dec 2009. Modified: Mon 28 Nov 2016