This is an introductory course on the technical aspects of information security. The course is intended for Bachelor students who already have a broad knowledge of computer-science including programming and computer networks, for Master students who have not previously taken a course on security, and for anyone who wants to refresh their knowledge of the basic concepts in the field. The course consists of lectures, which cover the key ideas and technologies, and exercises, which give hands-on experience of practical security issues. The course runs in the first lecture period in autumn 2018.
After taking the course, you will be familiar with the key concepts and abstractions of information security and understand the purpose, function, and weaknesses of several security technologies. You will be able to model threats and critically analyze the security of a system, from the viewpoint of an attacker. Moreover, you will be able to identify common security flaws in software and apply principles of secure programming.
Lectures take place on Tuesdays and Thursdays from 14:15-16:00. Please note that there are different lecture venues on different days. Consult the calendar on the right hand side of this page for details.
The following is a preliminary plan for the lecture topics (but note that this may be subject to change):
- Course Introduction + Access Control Models
- Operating System Access Control
- User Authentication
- Software Security
- Introduction to Cryptography
- Electronic Payment
- Security Protocols
- Web Security and Public Key Infrastructure
- Threat Analysis
- Database Privacy and the General Data Protection Regulation (GDPR)
- Electronic Identity
- Data Encryption + Course Summary
The grading will be based on the weighted sum of exam and assignment points: total_points = exam_points + round_up(assignment_points / 10). The maximum points are 30+10, plus some additional points for advanced problems in the assignments. Anyone who gets at least 40% of both the exam points (≥12p) and total points (≥16p) is guaranteed to pass the course.
Course staff: Tuomas Aura, Andrew Paverd, Siddharth Rao, and Thanh Bui.
The course staff can be reached by email individually at email@example.com or collectively at firstname.lastname@example.org