Foundations of Information Security
2009-2010 - IMT4541 - 5 ECTS

Expected learning outcomes

Having completed the course, the student should have

  • understood the key modelling techniques used for secure computer systems and reasoning about them
  • good understanding of models and mechanisms for identification and authentication and access control
  • obtained a solid understanding of security analysis and developmental assurance techniques and issues


  • Identification and authentication mechanisms including biometrics
  • Access control models and formalisms
  • Decidability results and limitations of access control and security models
  • Security models including the Bell-LaPadula, RBAC, and Chinese Wall models
  • Information-theoretic models of information flow and covert channels
  • Developmental assurance and evaluation criteria

Teaching Methods


Teaching Methods (additional text)

  • Lectures
  • Term paper

Form(s) of Assessment


Form(s) of Assessment (additional text)

  • Written exam (alternatively oral exam): 67%
  • Term paper: 33%
  • Pass decision is on the cumulative grade

Grading Scale

Alphabetical Scale, A(best) – F (fail)

External/internal examiner

Evaluated by external and internal examiner.

Re-sit examination

A new term paper must be provided next autumn. For the exam: Ordinary re-sit examnination.

Examination support

Dictionary, simple calculator

Coursework Requirements


Teaching Materials

The following textbooks are the primary references; further recommended reading is provided in the course syllabus.

  • M. Bishop: Computer Security: Art and Science. Addison-Wesley, 2003.
  • D. Gollmann: Computer Security, 2nd edition Wiley, 2006

Replacement course for

IMT4162 Information Security and Security Architecture

Additional information

Capacity of the course is limited to 50 students unless explicitly arranged by lecturer.