Introduction to Information Security
2010-2011 - IMT6011 - 5 ECTS

Expected learning outcomes

Having completed the course, the student should have

  • developed an advanced understanding of core issues from different sub-areas of information security research including security models, cryptography, network and operating system security, security management, and security engineering
  • achieved in-depth knowledge on one of the core areas through independent study
  • developed analytical skills enabling them to critically assess research publications and presentations

Topic(s)

  • Key results in the theory and modelling of information security
  • Network security
  • Operating system security
  • Human factors in security
  • Security engineering and assurance
  • Cryptography and cryptanalysis
  • Database security
  • Security management
  • Anonymity and privacy

Teaching Methods

Other

Teaching Methods (additional text)

  • Lectures
  • Seminar discussions

Form(s) of Assessment

Other

Form(s) of Assessment (additional text)

Students must provide two papers. One is a term paper on a topic chosen by the student in coordination with the lecturer (see below); the other is a final report in which at least two other areas beyond those covered by the student in the term paper must be described concisely.

  • Term paper: 67%
  • Final report: 33%
  • Both parts must be passed.

Grading Scale

Pass/Failure

External/internal examiner

Evaluated by lecturer.

Re-sit examination

The whole subject must be repeated.

Examination support

Dictionaries.

Coursework Requirements

Students are required to prepare a term paper on one of the subject areas covered in the course in coordination with and approved by the lecturer and must provide a presentation of results and findings in a seminar. The delivery date for the term paper is arranged individually to match the seminar schedule.

Teaching Materials

Textbooks, monographs, and research articles including but not limited to:

  • M. Bishop: Computer Security: Art and Science. Addison-Wesley, 2003.
  • M. A. Harrison, W. L. Ruzzo, J. D. Ullman: Protection in Operating Systems. Communications of the ACM 19(8):461-471 (1976)
  • C. E. Landwehr: Formal Models for Computer Security. ACM Computing Surveys 13(3):247-278 (1981)
  • D. Dolev and A. C. Yao: On the security of public key protocols. IEEE Transactions on Information Theory, IT-29(2):198–208, 1983
  • J. Goubault-Larrecq: Towards Producing Formally Checkable Security Proofs, Automatically. Proceedings of the 21st IEEE Computer Security Foundations Symposium (CSFW 2008), IEEE, Pittsburgh, PA, USA, June 2008, pp. 224-238.
  • L. F. Cranor and S. Garfinkel: Security and Usability: Designing Secure Systems that People Can Use. O’Reilly, 2005.
  • J. C. Brustoloni and R. Villamarin-Salomon: Improving Security Decisions with Polymorphic and Audited Dialogs. Proceedings of the 3rd Symposium on Usable Privacy and Security (SOUPS'2007), ACM, Pittsburgh, PA, USA, July 2007, pp. 76-87.
  • W. Diffie and M. Hellman: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6):644-654 (1976)
  • R. L. Rivest, A. Shamir, and L. Adleman: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2):120-126 (1978)
  • E. Bertino and R. Sandhu: Database Security - Concepts, Approaches, and Challenges. IEEE Transactions on Dependable and Secure Computing 2(1):2-19 (2005)
  • J. Vaidya and C. Clifton: Privacy-Preserving Decision Trees over Vertically Partitioned Data. ACM Transactions on Knowledge Discovery from Data 2(3):14 (2008)
  • K. Thompson: Reflections on Trusting Trust. Communications of the ACM 27(8):761-763 (1984)
  • J. Feigenbaum, A. Johnson, and P. Syverson: A Model of Onion Routing with Provable Anonymity. Proceedings of the 11th International Conference Financial Cryptography and Data Security (FC 2007), Vol. 4886 of Lecture Notes in Computer Science. Trinidad/Tobago, Feb. 2007, Springer-Verlag.
  • E. Peeters, F.-X. Standaert, and J.-J. Quisquater: Power and Electromagnetic Analysis: Improved Model, Consequences, and Comparisons. Integration: The VLSI Journal 40(1):52-60 (2007)
  • D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi: The EM Side-Channel(s). Proceedings of Cryptographic Hardware and Embedded Systems (CHES 2002), Vol. 2523 of Lecture Notes in Computer Science, Lausanne, Switzerland, Sep. 2002, Springer-Verlag.

Additional information

The course will be limited to 12 students except by arrangement with the lecturer.