University of Essex

CE708-7-AU-CO:
Computer Security

The details

Year: 2023/24

Department: Computer Science and Electronic Engineering (School of)

Campus: Colchester Campus

Term: Autumn

Level: Postgraduate: Level 7

Status: Current

Start date: Thursday 05 October 2023

End date: Friday 15 December 2023

Credits: 15

Last updated: 17 June 2022

Requisites for this module

Pre-requisites: (none)

Co-requisites: (none)

Pre and / or co-requisites: (none)

Prohibited modules: (none)

Key module (requisite for): CE823

Key module for

MSC G40012 Advanced Computer Science,
MSC G400CH Advanced Computer Science,
MSC H60112 Computer Networks and Security,
MSCIG402 Computer Science,
MSCII100 Computer Science (Integrated Masters, Including Placement Year)

Module description

This course gives an introduction to computer security and cryptography, and then goes on to consider security as it relates to a single, network connected, computer.

Introductory material is independent of any operating system but the consideration of tools will focus on those available for Linux, partly because its open-source nature facilitates this and partly because it is widely used on server systems. The introduction to cryptography will be used to consider its use in encryption and authentication.

Module aims

The aim of this module is to provide an introduction to computer security and cryptography and consider security according to a single network connected computer exemplified using the linux operating system.

Module learning outcomes

On completion of the course, students should be able to:

1. Identify and describe common security vulnerabilities
2. Identify and describe different types of attack on computers
3. Recommend security tools and procedures to protect against specific types of attack
4. Describe the nature of malware, how it may be identified and the attack mitigated
5. Explain the distinction between different types of cryptography and identify common algorithms that are weak and strong
6. Describe the use of cryptography in certification and authentication

Module information

Outline Syllabus

1. Introduction:

Principles of security and privacy, introduction to the different types of computer attack
Common security policies, techniques and tools:
Good administrative procedures for computer systems. Data security (e.g. good backup policy).
Combating social engineering. Tools for identifying system vulnerabilities. Monitoring for break-ins. Recovering from a break-in.

2. Overview of Encryption:

Applications of encryption to computer security. Types of encryption algorithms.
Examples of encryption algorithms commonly used.

3. User Authentication:

Methods of user authentication. One way functions and MD5., Biometric access control (e.g. fingerprint, iris etc.). Other techniques (e.g. smartcard).

4. Protecting passwords from attack:
Good and bad passwords. Methods to crack passwords and policies/techniques to reduce the problem.

5. Malicious software:
History. Classification. How viruses spread. Identifying malware.
Antivirus software.

6. Risk analysis
Analysis of risk. Steps in risk analysis. Using risk analysis to select new controls.

Learning and teaching methods

No information available.

Bibliography

Gollmann, D. (2010) Computer Security. 3rd Edition. Chichester: John Wiley and Sons Ltd. Available at: https://ebookcentral.proquest.com/lib/universityofessex-ebooks/detail.action?docID=819182.
Pfleeger, C.P., Pfleeger, S.L. and Margulies, J. (2015) Security in computing. Fifth edition. Upper Saddle River, NJ: Prentice Hall. Available at: https://learning.oreilly.com/library/view/security-in-computing/9780134085074/?sso_link=yes&sso_link_from=university-of-essex.
Bishop, M., Sullivan, E. and Ruppel, M. (2019) Computer security: art and science. Second edition. Boston: Addison-Wesley. Available at: https://app.kortext.com/Shibboleth.sso/Login?entityID=https://idp0.essex.ac.uk/shibboleth&target=https://app.kortext.com/borrow/1026076.

The above list is indicative of the essential reading for the course.
The library makes provision for all reading list items, with digital provision where possible, and these resources are shared between students.
Further reading can be obtained from this module's reading list.

Assessment items, weightings and deadlines

Coursework / exam	Description	Coursework weighting
Coursework	Assignment 1 - Lab Report	33.33%
Coursework	Assignment 2 - Lab Report	33.34%
Written Exam	Progress Test 1	33.33%
Exam	Main exam: In-Person, Open Book (Restricted), 120 minutes during Early Exams
Exam	Reassessment Main exam: In-Person, Open Book (Restricted), 120 minutes during September (Reassessment Period)

Exam format definitions

Remote, open book: Your exam will take place remotely via an online learning platform. You may refer to any physical or electronic materials during the exam.
In-person, open book: Your exam will take place on campus under invigilation. You may refer to any physical materials such as paper study notes or a textbook during the exam. Electronic devices may not be used in the exam.
In-person, open book (restricted): The exam will take place on campus under invigilation. You may refer only to specific physical materials such as a named textbook during the exam. Permitted materials will be specified by your department. Electronic devices may not be used in the exam.
In-person, closed book: The exam will take place on campus under invigilation. You may not refer to any physical materials or electronic devices during the exam. There may be times when a paper dictionary, for example, may be permitted in an otherwise closed book exam. Any exceptions will be specified by your department.

Your department will provide further guidance before your exams.

Overall assessment

Coursework	Exam
30%	70%

Reassessment

Coursework	Exam
30%	70%

Module supervisor and teaching staff

Supervisor: Dr Michael Barros, email: m.barros@essex.ac.uk.

Teaching staff: Dr Michael Barros

Contact details: School Office, email: csee-schooloffice (non-Essex users should add @essex.ac.uk to create full e-mail address), Telephone 01206 872770

Availability

Available to incoming Essex Abroad / Exchange students: Yes

Available to Outside Option: No

Available to Audit: Yes

External examiner

Name: Dr Anthony Olufemi Tesimi Adeyemi-Ejeye

Resources

Teaching materials: Available via Moodle

Lecture recording: Of 71 hours, 20 (28.2%) hours available to students:
50 hours not recorded due to service coverage or fault;
1 hours not recorded due to opt-out by lecturer(s), module, or event type.

Further information

Department website: Computer Science and Electronic Engineering (School of)

Disclaimer: The University makes every effort to ensure that this information on its Module Directory is accurate and up-to-date. Exceptionally it can be necessary to make changes, for example to programmes, modules, facilities or fees. Examples of such reasons might include a change of law or regulatory requirements, industrial action, lack of demand, departure of key personnel, change in government policy, or withdrawal/reduction of funding. Changes to modules may for example consist of variations to the content and method of delivery or assessment of modules and other services, to discontinue modules and other services and to merge or combine modules. The University will endeavour to keep such changes to a minimum, and will also keep students informed appropriately by updating our programme specifications and module directory.

The full Procedures, Rules and Regulations of the University governing how it operates are set out in the Charter, Statutes and Ordinances and in the University Regulations, Policy and Procedures.

Module Directory

CE708-7-AU-CO:Computer Security