CE708-7-AU-CO: Computer Security
Department: Computer Science and Electronic Engineering
Essex credit: 15
ECTS credit: 7.5
Available to Study Abroad / Exchange Students: No
Full Year Module Available to Study Abroad / Exchange Students for a Single Term: No
Outside Option: No
Dr Jianyong Sun
School Office, email: csee-schooloffice (non-Essex users should add @essex.ac.uk to create full e-mail address), Telephone 01206 872770
Module is taught during the following terms
This course gives an introduction to computer security and cryptography, and then goes on to consider security as it relates to a single, network-connected computer. Introductory material is independent of any operating system, but the consideration of tools will focus on those available for Linux, partly because its open-source nature facilitates this and partly because it is widely used on server systems. The introduction to cryptography will be used to consider its use in encryption and authentication.
On completion of the course, students should be able to:
1. Identify and describe common security vulnerabilities
2. Identify and describe different types of attack on computers
3. Recommend security tools and procedures to protect against specific types of attack
4. Describe the nature of malware, how it may be identified and the attack mitigated
5. Explain the distinction between different types of cryptography and identify common algorithms that are weak and strong
6. Describe the use of cryptography in certification and authentication
-Principles of security and privacy, introduction to the different types of computer attack
-Common security policies, techniques and tools:
-Good administrative procedures for computer systems. Data security (e.g. good backup policy).
-Combating social engineering. Tools for identifying system vulnerabilities. Monitoring for break-ins. Recovering from a break-in.
Overview of Encryption:
-Applications of encryption to computer security. Types of encryption algorithms.
-Examples of encryption algorithms commonly used.
-Methods of user authentication. One-way functions and MD5. Biometric access control (e.g. fingerprint, iris, etc.). Other techniques (e.g. smartcard).
Protecting passwords from attack:
-Good and bad passwords. Methods to crack passwords and policies/techniques to reduce the problem.
-History. Classification. How viruses spread. Identifying malware.
-Analysis of risk. Steps in risk analysis. Using risk analysis to select new controls.
Learning and Teaching Methods
30 per cent Coursework Mark, 70 per cent Exam Mark
Assignment 1 with a weighting of 10% submitted via FASER in week 7.
Assignment 2 with a weighting of 10% submitted via FASER in week 10.
Progress test with a weighting of 10% to be taken in week 10.
Exam Duration and Period
2:00 during Summer Examination period.
STUDENTS SHOULD NOTE THAT THIS MODULE INFORMATION IS SUBJECT TO REVIEW AND CHANGE
- PFLEEGER, C., and PFLEEGER, S., Security in computing, Prentice Hall 2002
- A detailed book that the course uses to describe the general principles and risk analysis.
- BISHOP, M., Computer Security: Art and Science, Pearson Education, 2003
- GOLLMANN, D., Computer Security, Wiley 2006, 2nd ed.
- A good book that gives an excellent overview of most of the course material.
- TOXEN, B., Real World Linux Security, Prentice Hall PTR; ISBN: 0130281875
- An excellent practical guide to making Linux/Unix systems more secure