Topic outline

  • General

    Quick info: The 2022 course is now over.

    This is an introductory course on the technical aspects of information security.

    The course has been planned for both bachelor and master students with at least two years of previous studies in computer science. The students are assumed to have programming skills and a broad knowledge of computer-science concepts. 

    The course consists of recorded lectures, online exercises, and an examination. There will also be on-site support sessions for the exercises and flipped classroom sessions to support learning of the lecture content. To complete the course, it is necessary to take the examination on campus.

    Contact information: Use the MyCourses forums for public questions, contact cs-c3130@aalto.fi from your Aalto email for private questions. For help on the exercises, join the exercise advice sessions. Please do not email the course staff members directly. 

    Lecture slides and a link to the recorded lectures will be under Lectures. The lectures will be published during the course. This year, we will mostly use lecture content produced during the two previous years.

    Flipped classroom sessions will be on campus (location varies!) on Tuesdays and Thursdays at 14:15-16:00 from 13 September to 13 October. These support the learning of the course content. There are five sessions in total; each week, the Tuesday and Thursday sessions have the same content. 

    There are five rounds of weekly exercises with weekly deadlines, with the first ones available by 9 September. Exercise support sessions will be on campus (Learning Space Greenhouse, i.e., the old CS library, CS Building, address Konemiehentie 2) three times a week (Tuesdays, Wednesdays, Thursdays at 16:15-18:00). Come there to ask for help with the exercises when you need it.  Each week, the course assistants will focus on the exercise round that has its deadline. The exercises will stay open another week after the stated deadline but with limited support from the teaching staff. Note that the exercises cover only a part of the course content and are not a replacement for the lectures.

    Examinations will be on campus on 20 October 2022, 12 December 2023, and 17 April 2023. You can take one or more of the exams, and the highest grade will prevail. The exam is done with paper and pen. Note that the exam covers all the lecture content, which is much broader than the exercises. 

    Lecture plan (minor changes are possible):

    1.       Access control models
    2.       Access control in operating systems
    3.       User authentication
    4.       Software security
    5.       Cryptography
    6.       Data encryption
    7.       Security protocols
    8.       PKI and web security
    9.       Threat analysis
    10.     Identity management

    Exercise schedule
    1.       Access control in Linux and Windows (dl 23 September 18:00)
    2.       Software and web security 1: SQL injection (dl 23 September 18:00)
    3.       Software and web security 2: web security (dl 30 September 18:00)
    4.       Software and IoT security 3: buffer overrun (dl 7 October 18:00)
    5.       Software and web security 4: XSS (dl 14 October 18:00)