COMP0141 Security

This database contains the 2018-19 versions of syllabuses. These are still being finalised and changes may occur before the start of the session.

Syllabuses from the 2017-18 session are available here.

Academic session

2018-19

Module

Security

Code

COMP0141

Module delivery

1819/A5U/T2/COMP0141 Undergraduate

Related deliveries

None

Prior deliveries

None - new delivery for 1819

Level

Undergraduate

FHEQ Level

L5

FHEQ credits

15

Term/s

Term 2

Module leader

TBC

Contributors

TBC

Courtouis, Nicolas

Parkin, Simon

Module administrator

Ball, Louisa

Levit, Getrud

Aims

The module aims at giving students a foundation in computer security, cryptography and human aspects of security.

After taking the module students should be able to identify risks and security sensitive aspects of systems, where a system can range from a small and simple solution for a specific task to a full organisation including IT infrastructure and users. They will be taught this from the experience of how systems have failed in the past and by analysing systems from an adversarial viewpoint.

Students should also know core defensive techniques to prevent or mitigate attacks. They should be able to formulate a threat model for a system and reason about whether it is secure or insecure.

Students should be able to deliver effective security for real-world environments: how to design and manage security in organisations to effectively protect them.

Learning outcomes

On successful completion of the module, a student will be able to:

  1. understand how to formulate a threat model including the assets to be protected, the capabilities of the adversary, and reason about whether the probability the adversary may succeed.
  2. know core cryptographic methods to protect communication such as message authentication codes, digital signatures, encryption, and key exchange. Understand the security guarantees cryptographic tools provide and conversely how inappropriate use lead to vulnerabilities.
  3. understand key principles and concepts related to computer and systems security. Understand the complexities of building flexile and correct access control and authentication systems, from a technical and HCI perspective. Recognize and exploit common security vulnerabilities on hosts and networks.
  4. know that security involves people, processes and technology. Understand how security needs to fit with business goals and organisational processes to work effectively - rather than disrupt, create friction, and drain resources. Know the basics of how to influence and manage security behaviours of a range of organisational stakeholders - employees, managers, developers, security specialists.

Availability and prerequisites

This module delivery is available for selection on the below-listed programmes. The relevant programme structure will specify whether the module is core, optional, or elective.

In order to be eligible to select this module as optional or elective, where available, students must meet all prerequisite conditions to the satisfaction of the module leader. Places for students taking the module as optional or elective are limited and will be allocated according to the department’s module selection policy.

Programmes on which available:

  • BSc Computer Science
  • MEng Computer Science

Prerequisites:

There are no formal prerequisites.

Content

The module gives students a foundation in computer security, cryptography and human aspects of security. Students will study attacks against system and analyse systems from an attacker’s perspective. The module will also cover core defensive techniques and develop threat models that can be used to analyse the security of a system. The module starts with specific cryptographic systems in the first 3 weeks, then the middle 4 weeks are dedicated to computer security, and in the last 3 weeks students will study security for real-world environments: how to design and manage security in organisations to effectively protect them.

An indicative reading list is available via http://readinglists.ucl.ac.uk/departments/comps_eng.html.

Delivery

The module is delivered through a combination of lectures, tutorials, seminars, written and programming exercises, and project work.

Assessment

This module delivery is assessed as below:

#

Title

Weight (%)

Notes

1

MCQ Examination (2 hours)

100

 

In order to pass this module delivery, students must:

  • achieve an overall weighted module mark of at least 40%; and
  • achieve a mark of at least 30% in any components of assessment weighed ≥ 30% of the module.

Where a component comprises multiple assessments, the minimum mark applies to the overall component.